IT Security News Daily Summary 2022-08-20

• Cyemptive Technologies CEO Named “Cybersecurity CEO of the Year”

• DeepSurface Adds Risk-Based Approach to Vulnerability Management

• Infrastructure as code and your security team: 5 critical investment areas

• Gurucul Returns to Compete in 5th ‘ASTORS’ Homeland Security Awards

• Become a Cybersecurity Expert with 18 New Online Courses @ 98% OFF

• New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers

• CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog

• TA558 Malware Attacks Travel and Hospitality Services

• Fixing cross-chain bridges with confidential computing

• Deploying a Modern Card Program – Mobile Banking App

• CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog

• 5 Ways Big Data Is Impacting The Self-Storage Industry

• Lazarus Attacks Apple’s M1 Chip, Lures Victims Via Fake Job Offers

• Russian-Linked Hackers Target Estonia

• The HEAT Is On, Says Menlo Security

• Janet Jackson’s ‘Rhythm Nation’ Can Crash Old Hard Drives

• ‘RedAlpha’: This Chinese Cyberspy Group is Targeting Governments & Humanitarian Entities

• TA558 cybercrime group targets hospitality and travel orgs

• Build or Buy your own antivirus product

• Google and Apple both release patches against zero‑day vulnerabilities – Week in security with Tony Anscombe

• Hackers Using Bumblebee Loader Malware to Attack Active Directory Services

• Black Hat USA 2022 Closes on a Record Breaking Event in Las Vegas & Online

• PolySwarm Launches Token Rewards For Internet Browsing

• TD SYNNEX Earns 2022 Great Place to Work Certification™

• WolfPAC Essentials centralizes risk management program for lean organizations

• Netsurit Productivity Monitor improves remote work management and employee productivity

• WSO2 Private CIAM Cloud delivers CIAM support for both B2B and B2C demands

• Cybersecurity Solutions Must Evolve, Says Netography CEO

• Patch Now: 2 Apple Zero-Days Exploited in Wild

• Intel Adds New Circuit to Chips to Ward Off Motherboard Exploits

• PIXM: Stopping Targeted Phishing Attacks With ‘Computer Vision’

• Spying on the spies. See what JavaScript commands get injected by in-app browsers

• Explained: Steganography

• Tech support scammers target Microsoft users with fake Office 365 USB sticks

• 2022-08-18 – IcedID (Bokbot) infection

• 2022-08-19 – Files for an ISC diary (Astaroth/Guildma)

• Russia-linked Cozy Bear uses evasive techniques to target Microsoft 365 users

• Redpoint Cybersecurity names David Duncan as VP of Cyber Operations

• BlastWave expands leadership team with new appointments

• Claroty appoints Joshua Corman as VP of Cyber Safety Strategy

• MariaDB acquires CubeWerx to deliver geospatial capabilities for developers

• Critical Amazon Ring Vulnerability Could Expose Camera Recordings

• The 5 best VPN deals right now: August 2022

• Uncovering a ChromeOS remote memory corruption vulnerability

• IT Security News Daily Summary 2022-08-19

• Friday Squid Blogging: The Language of the Jumbo Flying Squid

• How to strengthen the human element of cybersecurity

• Google Fended Off Largest Ever Layer 7 DDoS Attack

• 8 secure file transfer services for the enterprise

• Zero Trust: Security Model for A Fluid Perimeter

• State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims

• Nonprofit Websites Are Full of Trackers. That Should Change.

• Ex-HP finance manager jailed after going on $5m spending spree using company plastic

• FBI Warns of Proxies and Configurations Used in Credential Stuffing Attacks

• Encrypted Messaging Service Hack Exposes Phone Numbers

• BlackByte Ransomware Gang Returns With Twitter Presence, Tiered Pricing

• Virginia Employment Commission struggles with identity theft

• Offensive Security Online Community BBQ Event

• Beware! BlackByte Ransomware is Back With New Version

• How to unlock 1Password on a Mac

• DHS tests new tech that could bring emergency alerts to vehicle screens

• Apple users urged to install latest updates to combat hacking

• Alternatives to facial recognition authentication

• China-backed APT41 Group Hacked at Least 13 Victims in 2021

• A Duty to Disobey?

• Browser vulnerability troubles to Chrome and Safari users Worldwide

• Hackers Steal Session Cookies to Bypass Multi-factor Authentication

• CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog

• iPhone Users Urged to Update to Patch 2 Zero-Days

• Microsoft: Cryptojackers Continue to Evolve to Be Stealthier and Spread Faster

• Report: Facebook Is Profiting On White Supremacist Groups Through Ads

• DoNot Team Hackers Updated its Malware Toolkit with Improved Capabilities

• About That Draft Law Banning Uncle Sam Buying Insecure Software

• Two Years On, Apple iOS VPNs Still Leak IP Addresses

• Apple Security Flaw Actively Exploited By Hackers To Fully Control Devices

• Sudden Crypto Drop Sends Bitcoin To Three Week Low

• More and More Companies Are Getting Hit with Ransomware [2021-2022]

• What is Cloud Access Security Brokerage (CASB)? Definition, Scope, Implementation, and Limitations

• Updates on 3 Bullpen stocks that broke through the meme and retail buzz this week

• Tourism and the metaverse: Towards a widespread use of virtual travel?

• Ring Camera Recordings Exposed Due to Vulnerability in Android App

• 7 key cybersecurity metrics for the board and how to present them

• Hackers Using Bumblebee Loader To Compromise Active Directory Services

• PLCs Exploited by “Evil PLC Attack” to Breach Networks

• Networks Breached via Bumblebee Loader

• Apple Security Flaw Actively Exploited By Hackers

• New PyPi Malware Pkgs Steal Discord And Roblox Credential & Payment Info, Expert Weighs In

• 3 Questions to Ask to Audit Your API

• How EDR Security Supports Defenders in a Data Breach

• Ransomware Group Threatens to Leak Data Stolen From Security Firm Entrust

• China’s Winnti Group Hacked at Least 13 Organizations in 2021: Security Firm

• Top 10 cybersecurity interview questions and answers

• Apple Warns of Critical Security Risk in Safari For iPhones, iPads and Macs

• Cyber Resiliency Isn’t Just About Technology, It’s About People

• Cybercrime Group TA558 Targeting Hospitality, Hotel, and Travel Organizations

• Cloud security: Increased concern about risks from partners, suppliers

• iOS Can Stop VPNs From Working as Expected—and Expose Your Data

• Tech Industry Leaders React To A Level Results

• Google: Here’s how we blocked the largest web DDoS attack ever

• OFAC Around and Find Out

• Google Staff Demand Protections, Amid State Abortion Bans

• Cybersecurity M&A Roundup for August 1-15, 2022

• Google Blocks Record-Setting DDoS Attack That Peaked at 46 Million RPS

• Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second

• LATEST CYBERTHREATS AND ADVISORIES – AUGUST 19, 2022

• Apple Security Flaw Being Actively Exploited

• 10 top cybersecurity online courses and certifications in 2022

• A flaw in Amazon Ring could expose user’s camera recordings

• Businesses Found to Neglect Cybersecurity Until it is Too Late

• Ring App Vulnerability Urgently Patched by Amazon

• U.S. Cyber Command deploys defensive operators to Croatia to hunt for malicious cyber activity

• Entrust Allegedly Hit with LockBit Ransomware

• UK Water Provider Targeted by Clop Group Ransomware

• Yale University Names Firms Still Operating In Russia

• SAP Vulnerability Exploited in Attacks After Details Disclosed at Hacker Conferences

• Chinese Cyberspy Group ‘RedAlpha’ Targeting Governments, Humanitarian Entities

• 8 Ways Technology Has Improved The Mortgage Industry

• Estonia Repels Biggest Cyber-Attack Since 2007

• New Amazon Ring Vulnerability Could Have Exposed All Your Camera Recordings

• Back to school shopping cybersecurity 101

• UK Carrier Claims to Block One Million Vishing Calls Per Day

• 35 Malware Android Apps With over 2 million Installation Found on the Google Play Store

• Safeguard your iPhones, iPads and Macs: Apply these security updates now

• Cyber Tops Staff Retention as Biggest Business Risk

• Cisco fixes High-Severity bug in Secure Web Appliance

• Bumblebee attacks, from initial access to the compromise of Active Directory Services

• Two years on, Apple iOS VPNs still leak IP addresses

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Fitbit’s having a bad summer

• Estonia blocked cyberattacks claimed by Pro-Russia Killnet group

• Exploiting stolen session cookies to bypass multi-factor authentication (MFA)

• UK 5G Network company EE blocks 200 million phishing texts

• Lockbit takes claim for Entrust Ransomware Attack

• Amazon Patches Ring Android App Flaw Exposing Camera Recordings

• CISA’s cyber info sharing program didn’t always deliver, watchdog says

• How merchants can defend themselves against Magecart attacks

• New infosec products of the week: August 19, 2022

• Deploying a Modern Card Program – Card Issuing Platform

• The dos and don’ts of startup security: How to develop a security plan

• Credential harvesting: Is it too big of an attack or can you fight back?

• A civil servant’s effort to humanize government, one fed at a time

• Cobalt Iron Ranks High Among Leaders in GigaOm 2022 Radar Report for Enterprise Hybrid Cloud Data Protection

• Latest Cyberthreats and Advisories – August 5, 2022

• #ISC2CONGRESS – Why you won’t want to miss it!

• Cybercriminals are using bots to deploy DDoS attacks on gambling sites

• OpenFHE: Open-Source Fully Homomorphic Encryption

• Weekly Update 309

• How do cybercriminals steal credit card information?

• Cloudera CDP One accelerates data science programs with built-in enterprise security and ML

• Tenacity platform enhancements provide visibility into entire AWS and Azure cloud infrastructure

• Absolute boosts Secure Endpoint portfolio with resilience and intelligence capabilities

• The truth about that draft law banning Uncle Sam buying insecure software

• 3M COMPLY Magnetic Attach for Monitors protects sensitive and confidential data on monitor displays

• CircleCI Visual Configuration Editor allows teams to visualize and streamline complex workflows

• Apricorn Aegis Secure Key 3 addresses constantly evolving security threats

• Bitwarden releases SCIM support to expand directory and identity provider integration options

• Opsera unveils SaaS DevOps capabilities to improve agility and security posture for enterprises

• SynSaber raises $13 million to improve industrial asset and network monitoring solution

• TXOne Networks raises $70 million to defend industry verticals against cybersecurity threats

• ManageEngine and Sectigo join forces to automate certificate lifecycle management

• Fortanix External Key Manager pairs with Google Cloud Platform to help users tackle privacy challenges

• Banorte – 2,107,000 breached accounts

• Urgent update for macOS and iOS! Two actively exploited zero-days fixed

• Bad rhythm: Janet Jackson song resonates poorly with some old hard drives

• How IT teams can prevent phishing attacks with Malwarebytes DNS filtering

• Attackers waited until holidays to hit US government

• Business Services industry targeted across the country for backdoor access

Generated on 2022-08-20 23:55:25.648495

Liked it? Take a second to support IT Security News on Patreon!