IT Security News Daily Summary 2022-07-05

• Cloud spending continues to climb

• HackerOne Employee Fired for Stealing and Selling Bug Reports for Personal Gain

• GSA looks to help get LGBTQI-owned small businesses in the contracting mix

• DOD rings in Independence Day with bug bounties

• Supply Chain Attack Deploys Hundreds of Malicious NPM Modules to Steal Data

• NIST announces four quantum-resistant algorithms

• Crowdsourced data on overdoses pinpoints where to help

• Mark Zuckerberg Tells Facebook Employees That Encryption Will Protect Users Seeking Abortions

• Pentagon: We’ll pay you if you can find a way to hack us

• Beyond The Buzz: What is Zero Trust Network Access (ZTNA)?

• 2022 cybersecurity forecasts predict growth, emphasizing resilience

• How to find your niche in cybersecurity

• A ‘CISO evolution’ means connecting business value to security

• How to define cyber-risk appetite as a security leader

• How to write a cybersecurity job posting

• Microsoft Warns of Evolving Toll Fraud Android Malware Draining Wallets

• Three dirty data cybersecurity concerns for business enterprises

• Data Breach at PFC USA Impacts Patients of 650 Healthcare Providers

• The Most Common Types of Cyberattacks Plaguing SMBs An How to Protect Against Them

• Model reveals potential link between gun trends and mass shootings

• Google Chrome Gets Emergency Security Update

• NIST Acknowledges First Four Quantum-Resistant Encryption Tools

• Crypto Scam to be Investigated by British Army

• UK Military Investigates Hacks on Army Social Media Accounts

• TikTok CEO Addresses US Security Concern

• Google Chrome WebRTC Zero-Day Faces Active Exploitation

• Why Browser Vulnerabilities Are a Serious Threat — and How to Minimize Your Risk

• How States and Congress Can Prepare for a Looming Threat to Freedom of Speech

• Last Call at the “Star Wars Bar”: Harmonizing Incident and Breach Reporting Requirements

• TCDI Completes Acquisition of Aon’s eDiscovery Practice

• Tufin Announces Partner of the Year Award Winners

• #ISC2Congress: Politics, Cybersecurity & Global Issues – Ian Bremmer to Speak as (ISC)² Keynote

• TikTok gave data security reassurance to the United States

• Calls for bans on Chinese CCTV makers Hikvision, Dahua expand

• Google patches “in-the-wild” Chrome zero-day – update now!

• Google Releases Security Update for Chrome

• British Military’s Twitter and YouTube Accounts Hacked to Scam Crypto Users

• How to Secure Your SAP Environment

• Advanced Phishing Scams Target Middle East and Impersonate UAE Ministry of Human Resources

• Google Releases Security Update for Chrome

• EFF Statement on EU Parliament’s Adoption of Digital Services Act and Digital Markets Act

• AI/ML Powered Risk Modeling: A Decision-Making Framework

• Feeling Beleaguered? 3 Practical Steps for Cybersecurity Mastery

• Hive ransomware gets upgrades in Rust

• Google Announces Password Manager Updates to Enhance User Security

• This is the ultimate security key. Here’s why you need one

• Google to wipe user location history for visits to healthcare clinics, domestic violence shelters

• These are the cybersecurity threats of tomorrow that you should be thinking about today

• Ransomware: Why it’s still a big threat, and where the gangs are going next

• These are the biggest cybersecurity threats. Make sure you aren’t ignoring them

• How to enable SSH 2FA on Ubuntu Server 22.04

• How to spot your biggest security threat? Just look out for the humans

• A SQL Injection bug Hits the Django web Framework

• Lawmaker says ‘crypto driver’s license’ could deter use of digital currency in ransomware

• Iranian Fars News Agency claims cyberattack on a company involved in the construction of Tel Aviv metro

• Cloud-based malware is on the rise. How can you secure your business?

• TikTok is “unacceptable security risk” and should be removed from app stores, says FCC

• Hacker Alert! British Army’s YouTube and Twitter Accounts Hijacked

• Are banks quietly refusing reimbursements to fraud victims?

• Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms

• Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict

• TikTok ‘Halts E-Commerce Expansion Plans’

• Why Phishing Is Still the Top Attack Method

• CISA: Here’s how to apply this key Windows patch without breaking certificate authentication

• PennyWise malware on YouTube targets cryptocurrency wallets and browsers

• 3 Cyber Threats Resulting From Today’s Technology Choices to Hit Businesses by 2024

• Pro-China Group Uses Dragonbridge Campaign to Target Rare Earth Mining Companies

• Germany Unveils Plan To Tackle Cyberattacks On Satellites

• Update now! Chrome patches ANOTHER zero-day vulnerability

• European Parliament Passes Landmark Tech Regulations

• Name That Edge Toon: On Guard

• British Army Cyber Attack Reminds Businesses That Social Media Accounts Are Prime Targets

• China’s Largest Data Leak – Comments From Camellia Chan, CEO, and Founder Of X-PHY

• UK Councils And Hospitals At Risk Of Cyber Hackers

• Latest Cyberattack Against Iran Part of Ongoing Campaign

• Limp Facebook Policies – Do They Ignore Suffering And Crime!

• Warning!! Google Chrome 0-Day Bug Exploited in Wide – Update Now!

• Zscaler gives security a shot of AI

• AstraLocker Ransomware Goes Offline and Makes Decryptors Available

• Germany unveils plan to tackle cyberattacks on satellites

• #ISC2Congress: Politics, Cybersecurity & Global Issues – Ian Bremmer to Speak as (ISC)² Keynote

• Indian Economic Police Raid Offices Of Smartphone Maker Vivo

• This WhatsApp scam promises you a visa, but just sends you into a spiral

• China data breach likely to fuel identity fraud, smishing attacks

• Google Patches Actively Exploited Chrome Bug

• French Music Service Deezer Slumps On Market Debut

• Hacker Claims Major Chinese Citizens’ Data Theft

• Will Facebook’s End-to-End Encryption Protect Abortion-Seeking Users?

• Center for Internet Security (CIS) Controls v8: Your Complete Guide to the Top 18

• End-to-End Encryption’s Central Role in Modern Self-Defense

• Attackers are using deepfakes to snag remote IT jobs

• Poor Software Patches Are Responsible for Half of All Zero-day Vulnerabilities

• Digital Audience Development vs Marketing: What’s the Difference?

• Alibaba’s finance arm open sources its privacy software and a ‘Secure Processing Unit’

• Google races out patch for high-severity Chrome browser zero-day on Windows and Android

• Ukrainian police takes down phishing gang behind payments scam

• Foxconn Expects Stronger Sales In Spite Of Economic Gloom

• As New Clues Emerges, Experts Wonder: Is REvil Back?

• The Psychology of Cybercrime

• Dutch University Turns a Profit on Ransomware Payment

• Hacker Claims to Have Stolen Information on 1 Billion Chinese Citizens

• Ukrainian Authorities Arrest Phishing Gang For Embezzling 100 Million UAH

• 1-15 June 2022 Cyber Attacks Timeline

• Samsung ‘To See Profits Jump’ On Data Centre Demand

• Singapore may introduce further cryptocurrency restrictions

• UK Councils and Hospitals Vulnerable to Cyber Hackers

• Hacker Claims to Have Personal Data of 1 Billion Chinese Citizens

• Threat actors compromised British Army ’s Twitter, YouTube accounts to promote crypto scams

• NATO Announce Plans to Develop Cyber Rapid Response Capabilities

• Install macOS Ventura Beta in a Virtual Machine on an M1 or M2 Mac with UTM

• NHS To Trial Drone Delivery Of Chemotherapy To Isle Of Wight

• New Malware Dubbed SessionManager Targeting Microsoft IIS Servers in the Wild

• AstraLocker ransomware operators shut down their operations

• Everything to Know About Rust Items and How to Use Them

• Dutch University retrieves Bitcoin ransomware payment and makes a profit

• Looking for adding new detection technologies in your security products?

• Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web

• Billion-record stolen Chinese database for sale on breach forum

• AstraLocker Ransomware shuts down operations and shifts to Cryptojacking

• Surveillance data of Chinese citizens put online by hackers

• PCI DSS 4.0 released, addresses emerging threats and technologies

• Why Digital ID Should be On the Vacation Checklist

• Applying Shift Left principles to third party risk management

• People are the primary attack vector around the world

• Cybersecurity is driving digital transformation in alternative investment institutions

• Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild

• Google updates Chrome to squash actively exploited WebRTC Zero Day

• Cyberattacks: A very real existential threat to organizations

• Juniper Networks unveils new Cloud Metro solution to improve productivity for service providers

• How To Hide Your IP And Keep From Being Tracked

• How Automation Affects The Interpretation Profession And Interpreting Services

• HackerOne Fires Employee for Stealing Bug Reports, Collecting Bug Bounties

• IT Security News Daily Summary 2022-07-04

• Vulnerability Summary for the Week of June 27, 2022

• Google fixes the fourth Chrome zero-day in 2022

• HackerOne insider fired for trying to claim other people’s bounties

• Emergency Chrome 103 Update Patches Actively Exploited Vulnerability

• Vulnerability Summary for the Week of June 27, 2022

• When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14

• Hacker Selling Shanghai Police Database with Billions of Chinese Citizens Data

• Data of a billion Chinese residents available for sale on the dark web

• Alert! Teen Hackers are Using Discord to Disseminate Malware

• Insider Threat: Employees indicted for stealing $88 million of license keys

• Gitlab Patches a Critical RCE Flaw in Latest Security Advisory

• Versa Networks Named as Winner in SC Awards Europe 2022 Awards Program

• Digital PINS – The Next Step in Digital First Banking

• British Army Twitter and YouTube accounts hacked

• Free Smartphone Stalkerware Detection Tool Gets Dedicated Hub

• Multilingual Cybersecurity Awareness Training adapted for your needs

• HackerOne Employee Stole Bug Reported Through Bounty Platform to Sell Customers Directly

• Deprecated Linux Commands You Should Not Use Anymore (And Their Alternatives)

• Complete Guide to Using Wapiti Web Vulnerability Scanner to keep your Web Applications & Websites Secure

• Which Browser is Best for Online Security?

• Understanding OAuth 2.0

• Giant data breach? Leaked personal data of one billion people has been spotted for sale on the dark web

• Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!

• A shifting paradigm – Virsec’s deterministic approach to cybersecurity

• Project Zero- Exploited Flaws in H1 2022 Variants of Previous Flaws

• NATO to Develop Rapid Cyber Response Capabilities

• Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

• What To Do About Inherent Security Flaws In Critical Infrastructure?

• Google Location Tracking To Forget You Were Ever At That Medical Clinic

• British Army’s YouTube And Twitter Accounts Hacked

• Hacker Claims To Have Stolen 1 Billion Records Of Chinese Citizens From Police

• DoD announces launch of a new bug bounty program

• Google To Delete Location History Of Users Who Visit Abortion Clinics

• HackerOne employee accessed bug reports to claim extra bounties

• OpenSea Suffered Data Breach, Exposed Users’ Email Addresses

• Why You Should Use a Password Manager

• Central African Republic Pushes Crypto For Economic Inclusion

• Ukrainian Authorities Arrested Phishing Gang That Stole 100 Million UAH

• Teen “Hackers” on Discord Selling Malware for Quick Cash

• The British Army is investigating after its Twitter and YouTube accounts were hijacked

• Virtual-world tech company owner arrested over alleged $45m investment fraud scheme

• Sponsored Content Test

• Teen Hackers on Discord Selling Malware for Quick Cash

• 5 pro-freedom technologies that could change the Internet

• Hacker Claims Theft Of Data On 1 Billion Chinese Citizens

• Privacy Protection Agency Seizes Hacked Travel Company’s Servers

• “Free UK visa” offers on WhatsApp are fakes

• TikTok Reassures US Senate Over Data Plans

• The Worst Hacks and Breaches of 2022 So Far

• TikTok Assures U.S. Lawmakers That They Are Working to Further Safeguard User Data From Chinese Staff

• My Body, My Data Act would lock down reproductive and sexual health data

• Identity, trust, and their role in modern applications

• Google: Half of zero-day exploits linked to poor software fixes

• Microsoft Issue Updated Warning Against Known Cloud Threat Actor Group

• Threat Actor Group Claims Responsibility for High Profile University Hacks

• A week in security (June 27 – July 3)

• Thunderbird 102 Arrives With Feature Upgrades And Bug Fixes

• FBI Adds ‘Cryptoqueen’ To List Of Ten Most Wanted

• Why Security Configuration Management (SCM) Matters

• British Army Social Media Accounts Hijacked

• Unfaithful HackerOne employee steals bug reports to claim additional bounties

• ICO Set to Scale Back Public Sector Fines

• Parliamentarians Call For Ban On Chinese Surveillance Firms

• HackerOne Insider Defrauded Customers

• British Army Twitter, YouTube Accounts Hacked

• Medical scams: Educate yourself and your loved ones

• Threat Report Portugal: Q2 2022

• Capital Economics – 263,829 breached accounts

• Malicious Actor Claims Targeting IBM & Stanford University

• High-Severity Vulnerability Found In Amazon Photos Android App

• Software developers, how secure is your software ?

• Welcoming the Polish Government to Have I Been Pwned

• CISA orders federal agencies to patch CVE-2022-26925 by July 22

• HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains

• Hackers leak data of thousands of British School Pupils

• Dutch University gets back double the ransomware payment

• Zero Trust Creator John Kindervag Joins Cloud Security Alliance as Security Advisor

• Is the UK government prepared for its greatest threat?

• Malicious activities insiders perform in enterprise applications

• The Need of Privacy Certifications for Lawyers

• 69% of employees need to deal with more security measures in a hybrid work environment

• CISO Interview Series: The challenges of being the CISO for the University of Oxford.

• British Army Twitter and YouTube feeds hijacked by crypto-promos

• CircleCI unveils new features to its self-hosted runners

• British Army’s Twitter and YouTube feeds hijacked by crypto-promos

• Bookchor – 498,297 breached accounts

Generated on 2022-07-05 23:55:28.853777