IT Security News Daily Summary 2022-08-06

• Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports

• DuckDuckGo says Hell, Hell, No to those Microsoft trackers after web revolt

• Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes

• Everything to know about SaaS data security

• How To Get Your Head Around Your Kids’ Online Gaming Life

• Secure second-factor authentication for custodial wallets

• (ISC)² and Others Commit to Closing the Cybersecurity Workforce Gap While at the White House

• CISA Adds One Known Exploited Vulnerability to Catalog

• Dark Utilities – A C2aaS Platform Leveraged By Hackers To Implant Malware

• Kaspersky VPN Secure Connection Vulnerability Discovered

• Microsoft bars Tutanota users from registering MS Teams accounts

• An ISP Settled Piracy Lawsuits. Could Users Take the Hit?

• The US Emergency Alert System Has Dangerous Flaws

• Emergency Alert System Bugs Can Help Actors Distribute Fraud Messages

• Twitter Breach Exposed Anonymous Account Owners

• Slack Resets Passwords After a Bug Exposed Hashed Passwords for Some Users

• Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts

• Hi, I’ll be your ransomware negotiator today – but don’t tell the crooks that

• Build or Buy your own antivirus product

• Weekly Update 307

• Develop a zero‑trust environment to protect your organization – Week in security with Tony Anscombe

• Latest Cyberthreats and Advisories – July 29, 2022

• Latest Cyberthreats and Advisories – July 21, 2022

• AT&T Cybersecurity Insights Report: A Focus on Manufacturing

• Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government

• Class Action Targets Experian Over Account Security

• Chinese Adult Site Leaking 14 Million User Details – and It’s Increasing!

• QuestionPro – 22,229,637 breached accounts

• Keysight joins forces with Nokia to demonstrate the 800GE readiness and interoperability public test

• TruSight partners with Whistic to provide companies with third-party risk management programs

• A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years

• Climate Change and National Security with Erin Sikorsky

• ActZero releases Blueprint for Ransomware Defense to improve cybersecurity posture for enterprises

• Deepwatch names Lori Cornmesser as SVP of Channel Sales and Alliances

• A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years

• Twitter confirms zero-day used to access data of 5.4 million accounts

• IT Security News Daily Summary 2022-08-05

• Hackers Can Exploit US Emergency Alert System Flaws to Fake Warnings

• The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

• Well-Architected Framework: Sustainability

• Misinformation campaigns and threats are undermining confidence in U.S. elections, official says

• NSF invests $25.4M into cybersecurity and privacy research projects

• Victory! Federal Court Upholds First Amendment Protections for Student’s Off-Campus Social Media Post

• Nomad to crypto thieves: Please give us back 90%, keep 10% as a reward. Deal?

• 5 data security challenges enterprises face today

• DOD failing to track progress on military alternatives to GPS, GAO says

• DHA names ineligible companies for $1.5B IT contract

• Cross-agency group explores next steps for identity verification

• What Worries Security Teams About the Cloud?

• Warning! Critical flaws found in US Emergency Alert System

• Apple Removes Scam App That Led to Hijacked Facebook Ad Accounts

• Traffic Light Protocol for cybersecurity responders gets a revamp

• Genesis IAB Market Brings Polish to the Dark Web

• Cyber Insurance Market 2022: FAQs & Updates with iBynd

• Anonymous Source Leaks 4TB of Cellebrite Data After Cyberattack

• Slack Forces Password Resets After Discovering Software Flaw

• Ghost Security Snags $15M Investment for API Security Tech

• Cybersecurity lessons learned from COVID-19 pandemic

• Importance of enterprise endpoint security during a pandemic

• Report Finds 49% of Security Teams Plan to Replace their ASM Solution in the next 12 Months

• A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

• Latest Cyberthreats and Advisories – August 5, 2022

• #ISC2CONGRESS – Why you won’t want to miss it!

• State Policymakers Tackling Cyber Issues Including Ransomware

• Biometrics: The Future of Airport Technology

• The lifecycle of a software vulnerability

• Senate committee approves AGILE Procurement Act for IT and communications tech

• Cheaper 3D printing uses little nozzles and a ‘slicer’

• 7 best Acronis integrations and features

• Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers

• Stolen Data Gives Attackers Advantage Against Text-Based 2FA

• GitHub Supply Chain Attack Cloned Thousands of Repositories to Target Developers

• Bug Discovered in DrayTek Vigor Routers by Trellix

• Facebook discovers new android malware connected to APT threat group

• MHDDoS – A DDoS Attack Script With Over 50 Different Methods

• GwisinLocker Ransomware Targets Linux Systems in South Korea

• The UK Online Safety Bill Attacks Free Speech and Encryption

• DIHK Suffers Cyberattacks, Shuts Down IT Systems

• Hackers Exploit Hostinger’s Preview Domain Feature to Launch Phishing Campaigns

• Iranian Hackers likely Behind Disruptive Cyberattacks Against Albanian Government

• Latest Cyberthreats and Advisories – August 5, 2022

• A new bill seeks to prevent the Secret Service from withholding records from its watchdog

• F5 Fixes 21 Vulnerabilities With Quarterly Security Patches

• FEMA Urges Patching of Emergency Alert Systems, But Some Flaws Remain Unfixed

• The Supreme Court’s Own Goal on Climate Change

• The Lessons—and Limits—of the Jan. 6 Committee

• Russian Entities Hit by New Woody RAT Malware

• Revealed: The top 11 malware strains you need to worry about

• DHS warns of critical flaws in Emergency Alert System encoder/decoder devices

• Critical Flaws Found In Four Cisco SMB Router Ranges

• Senator Wants To Set Aside Millions For Small Biz Cybersecurity Training

• Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing?

• The time is now for quantum-safe security

• Cybercrime a Key Revenue Stream For North Korea’s Weapons Program

• A Digital Home Has Many Open Doors

• How to Resolve Permission Issues in CI/CD Pipelines

• Small business growth in 2022: 7 effective strategies

• Open Redirect Flaw Snags Amex, Snapchat User Data

• How to use Authy: A guide for beginners

• CISA adds Zimbra email bug to Known Exploited Vulnerabilities Catalog

• Q&A with Siew Lau: Creativity, law, and bridging cultural differences

• eSentire Discovers Hackers Spearphishing Hiring Managers with Resumes Poisoned with More_Eggs Malware

• The greatest threat to our critical infrastructure: Fortune 1000 employees

• Barriers To Entry Must Be Brought Down If More Women Are to Enter Cybersecurity

• FCC warns of steep rise in phishing over SMS

• Traffic Light Protocol 2.0 Brings Wording Improvements, Label Changes

• Debris From SpaceX Dragon Capsule Lands On Australian Farm

• All the Data Amazon’s Ring Cameras Collect About You

• A Growing Number of Malware Attacks Leveraging Dark Utilities ‘C2-as-a-Service’

• Resolving Availability vs. Security, a Constant Conflict in IT

• Emergency Alert System Flaws Could Let Attackers Transmit Fake Messages

• Kevin Gallagher joins CoSoSys as CEO

• DHS Alerts of Critical Vulnerabilities in EAS Devices

• The Technology Behind Patio Heater – How Does It Work

• #ISC2CONGRESS – Why you won’t want to miss it!

• What can we learn from Apple’s new Lockdown mode about the mobile security landscape?

• Zimbra Credential Theft Vulnerability Exploited in Attacks

• Over 60% of Organizations Expose SSH to the Internet

• Hacked crypto startup Nomad offers a 10% bounty for return of funds after $190 million attack

• Amazon Staff In Essex Halt Work Over 3 Percent Pay Rise

• Revealed: The top 11 malware and ransomware strains you need to worry about

• How Businesses Are Affected by Ransomware Attacks

• Twitter Labels Elon Musk’s Counterclaim ‘Factually Inaccurate’

• UK Branded Europe’s “Capital of Card Fraud”

• Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor

• Gaming Cyberattacks Increase by 167% in Last Year

• Threats targeting fintech companies are on the rise

• Chinese Info Ops Campaign Tied to PR Firm

• Ukrainian Law Enforcement Shut Down Large Russian Bot Farm

• VirusTotal Reveals List of Most Mimicked Legitimate Apps in Malware Attacks

• Hackers Exploit Atlassian Confluence Vulnerability to Deploy New ‘Ljl’ Backdoor

• New Linux botnet RapperBot brute-forces SSH servers

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Critical flaws found in four Cisco SMB router ranges – for the second time this year

• Data Protection Bill of 2019 withdrawn by the Indian Government

• Cyber Attacks now being targeted as the next state level weapons

• CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog

• New infosec products of the week: August 5, 2022

• August 2022 Patch Tuesday forecast: Printers again?

• Aetna Reports Mailing Vendor Hack Affected 326,000

• CORRECTING and REPLACING Digitate’s Intelligent AIOps Platform Achieves HIPAA and GDPR Compliance

• APAC Security Leaders Come Together at SECURE Singapore

• What roles do humans play in cyber breaches

• Top trends in Application Security in 2022

• MI-X: Open source project helps you understand whether you are exploitable

• Risk astute leadership: Converting intelligence into actionable controls

• VIPRE Endpoint Detection and Response protects SMBs against malware and other malicious attacks

• Deep Instinct Prevention for Applications defends mission critical business applications

• VMware Carbon Black Workload strenghtens security posture for AWS customers

• Organizations grew to love Kubernetes: Usage in production is high

• What Is the Difference Between SAST, DAST, and IAST?

• Text messages are federal records and must be saved, DOD orders

• Facebook Says A Cyber Espionage Group Is Spying On Users Via Malware

• Secure Email Encryption from Virtru Competes in 2022 ‘ASTORS’ Awards

• QuestionPro (unverified) – 22,229,637 breached accounts

• Best Encryption Software for 2022

• Keyavi Data raises $13 million to meet market demand for self-protecting data technology

• Flashpoint acquires Echosec Systems to help customers identify and mitigate all types of risk

• HUMAN Security partners with Ping Identity to enable “bot-or-not” decisions within a user’s session

• Kion and Booz Allen Hamilton help government agencies manage their multi-cloud environments

• Seemplicity collaborates with Checkmarx to improve visibility and operational efficiency for organizations

• Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google

Generated on 2022-08-06 23:55:27.461859