IT Security News Daily Summary 2022-07-17

• Lenovo UEFI Firmware Vulnerabilities Risk Numerous Laptop Models

• Hackers can spoof commit metadata to create false GitHub repositories

• Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever

• Acquiring Actionable Knowledge Through Collaboration

• Darkweb Monitoring

• Google is going to remove App Permissions List from the Play Store

• The History of Countering Violent Extremism Tends to Repeat. It Shouldn’t.

• Mantis Botnet Behind Largest HTTPS DDoS Attack Targeting Cloudflare Users

• Office Phishing Attack circumvents multi-factor authentication

• Data of 4,000 Patients at VCU Health Exposed

• North Korean Hackers Using H0lyGh0st Ransomware To Attack & Demand 1.2 to 5 Bitcoins

• StartupApproved\Run, pt II

• Week in review: Kali Linux gets on Linode, facial recognition defeated, Log4j exploitation

• Penetration testing

• JukinMedia – 314,290 breached accounts

• APT groups target journalists and media organizations since 2021

• Security Affairs newsletter Round 374 by Pierluigi Paganini

• Terry Neal joins ID.me as Chief Communications Officer

• Neustar Security Services launches DDoS mitigation and application security data center in Dubai

• Hitachi Vantara hires Amee Desjourdy as Chief Human Resources Officer

• IT Security News Daily Summary 2022-07-16

• Critical flaw in Netwrix Auditor application allows arbitrary code execution

• Homeland Security Warns Log4j’s ‘Endemic’ Threats for Years to Come

• 5 data privacy imperatives for enterprise leaders

• North Korean Hackers Employ H0lyGh0st Ransomware to Target Businesses

• ISG to Publish Report on Public Cloud Services, Solutions

• SOC Prime Delivers New Smoking Guns Sigma Rules List

• Ex CIA Programmer Convicted of Leaking ‘Vault 7’ Hacking Tools to WikiLeaks

• North Koreans spotted harassing SMBs with malware

• Defective WordPress Plugin Permits Full Invasion

• Predatory Sparrow’s Assault on Iran’s Steel Industry

• CISA urges to fix multiple critical flaws in Juniper Networks products

• Get online training for 15 different CompTIA exams for under $60

• Amazon Handed Ring Videos to Cops Without Warrants

• Threat actors exploit a flaw in Digium Phone Software to target VoIP servers

• Mantis – Behind The Most Powerful Botnet Attack Ever Recorded With 26 Million RPS

• Mantis – Behind The Most Powerful Botnet Attack Ever Recorded With 26 Million Request Per Second

• Famm – 535,240 breached accounts

• Eskimi – 1,197,620 breached accounts

• Build or Buy your own antivirus product

• Hackers Targeting VoIP Servers By Exploiting Digium Phone Software

• Google Removes “App Permissions” List from Play Store for New “Data Safety” Section

• Weekly Update 304

• New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain

• TD SYNNEX Announces Results of Senior Notes Exchange

• Crosslake Technologies Announces Acquisition of Cybersecurity Advisory Firm VantagePoint

• Four Steps to Using Metrics to Defend Your Security Budget

• Haystack Secure Delivery protects sensitive and proprietary internal communications

• Keysight Cyber Training Simulator enables students to develop their skills in a realistic environment

• Think twice before downloading pirated games – Week in security with Tony Anscombe

• What is Steganography, and how can we Avoid it?

Generated on 2022-07-17 23:55:27.855985