IT Security News Daily Summary 2022-08-22

• Why getting endpoint security right is crucial

• Palo Alto shares jump, after revenue and earnings beat estimates

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Why Apple products are more vulnerable than ever to security threats

• More than half of OT cyber threats used USB drives, report finds

• Interstate cyber command center expands

• Colorado county recovering from cyberattack

• Hiding a phishing attack behind the AWS cloud

• For Penetration Security Testing, Alternative Cloud Offers Something Others Don’t

• Metasploit Creator Renames His Startup and IT Discovery Tool Rumble to ‘runZero’

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Vulnerability In FreeIPA System Could Expose User Credentials

• Apple Fixed Two Zero-Day Vulnerabilities Affecting Both iOS And macOS

• New report warns of growing ‘data divide’

• Metasploit Creator Renames His Startup and IT Discovery Tool Rumble ‘runZero’

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Warning over Java libraries and deserialization security weaknesses

• TikTok’s In-App Browser Can Monitor Your Activity on External Websites

• More Apps for Younger Users Emerging. Here’s What Parents Need to Know.

• Why automation is crucial for security and compliance

• Java libraries are riddled with deserialization security holes

• Cookie theft threat: When Multi-Factor authentication is not enough

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Security Training: Moving on from Nick Burns Through Better Communication

• Sophos Identifies Potential Tag-Team Ransomware Activity

• Google’s Scans of Private Photos Led to False Accusations of Child Abuse

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Cyber is a team sport–here’s how the public and private sectors can play together

• Vulnerability Summary for the Week of August 15, 2022

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• RTLS Systems Found Vulnerable to MiTM Attacks & Location Manipulation

• CEO of spyware vendor NSO Group steps down

• InQuest: Adding File Detection and Response to the Security Arsenal

• CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

• Vulnerability Summary for the Week of August 15, 2022

• European Cybersecurity in Context: A Policy-Oriented Comparative Analysis

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Attackers using fake Cloudflare DDoS protection popups to distribute malware

• Novant Health Says Malformed Tracking Pixel Exposed Health Data to Meta

• CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

• 8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• PayPal Invoices Used for Data Theft

• 13 common types of cyber attacks and how to prevent them

• UK Official Says Facebook Risks “Grotesque Betrayal” Of Children If It Doesn’t Create Safeguards Against Abuse

• Secureworks: How To Distinguish Hype From Reality With AI in SecOps

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Laptop denial-of-service via music: the 1980s R&B song with a CVE!

• Group-IB CEO will remain in jail – complaint denied

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• New semiconductor law aims to create ‘Silicon Valleys’ across US

• CEO of Blacklisted Israeli Spyware Maker NSO Steps Down

• Tanium: Taking A Deeper Cut At Converged Endpoint Management

• CISA Adds One Known Exploited Vulnerabilities to Catalog

• 3 Benefits of Using Consolidated Platforms in Cybersecurity

• Hotel and Travel Businesses Attacked by Cybercriminals Using Bogus Reservations

• Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data

• Onapsis Report: Flaws to be Fixed Immediately

• AT&T and Lookout expand partnership with launch of Lookout AlienApp

• How to protect your organization from ransomware-as-a-service attacks

• CISA Adds One Known Exploited Vulnerabilities to Catalog

• Fake Reservation Links Prey On Weary Travelers

• Why The Pentagon Remains Both The Best And Worst Customer For Tech Innovators

• Israeli Spyware Company NSO Group CEO Steps Down

• Zoom Patches Make-Me-Root Security Flaw, Patches Patch

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Black Hat USA 2022 & DEF CON 30: Highlights, Key Findings & Notable Trends

• Escanor RAT Malware Deployed Via Microsoft Office and PDF Documents

• Pentera Helps Enterprises Reduce Their Security Exposure

• Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

• Your organization needs regional disaster recovery: Here’s how to build it on Kubernetes

• Fake DDoS Protection Prompts on Hacked WordPress Sites Deliver RATs

• Getting started with Red Hat Insights malware detection

• Cisco: All Intelligence is Not Created Equal

• “As Nasty as Dirty Pipe” — 8 Year Old Linux Kernel Vulnerability Uncovered

• Airstrikes, Civilian Casualties, and the Role of JAGs in the Targeting Process

• Hackers Exploit Zero-Day Bug, Steal Crypto from Bitcoin ATMs

• CISA or CVSS: How Today’s Vulnerability Databases Work Together

• How cybersecurity vendors are misrepresenting zero trust

• Fake Reservation Links Prey on Weary Travelers

• Many Media Industry Vendors Slow to Patch Critical Vulnerabilities: Study

• Textile Company Sferra Discloses Data Breach

• Threat Actor Deploys Raven Storm Tool to Perform DDoS Attacks

• Identity Security Pain Points and What Can Be Done

• Encrypted Traffic Analysis: Mitigating Against The Risk Of Encryption

• How Qualys Reduces Risk and Enables Tool Consolidation

• US Government Bans Insecure Software

• Biggest Sovereign Wealth Fund In The World: “Cybersecurity Is #1 Concern”

• Google Play Store Serving Up Chameleon-like Apps

• Expert Commentary: LockBit Ransomware Gang Attacks Entrust

• Lloyds Of London Ends Insurance Coverage For State Cyber Attacks, Expert Weighs In

• Cyber Signals: Defend against the new ransomware landscape

• Barmak Meftah Joins Stellar Cyber, Innovator of Open XDR, as Board Advisor

• Hackers are using this sneaky exploit to bypass Microsoft’s multi-factor authentication

• Microsoft: How we unearthed a critical flaw in ChromeOS, and how Google fixed it

• New Open Source Tool Shows Code Injected Into Websites by In-App Browsers

• Lloyd’s of London Introduces New War Exclusion Insurance Clauses

• Meet Borat RAT, a New Unique Triple Threat

• Fake DDoS protection pages are delivering malware!

• Russian APT Group Attack Microsoft 365 users Abusing Azure Services

• Why are Millennials are more likely to engage in trolling?

• New to Cybersecurity? Use These Career Hacks to Get a Foot in the Door

• A Security Team’s Most Critical Skill? No-Code Automation

• Role of AI and ML in DevOps Transformation

• CEO of Israeli Pegasus Spyware Firm to Step Down

• Microsoft Shares Details on Critical ChromeOS Vulnerability

• Expiring Root Certificates Threaten IoT in the Enterprise

• Hyundai Uses Example Keys for Encryption System

• No, facial recognition AI can’t read your mood

• Cryptojackers Continue to Spread Across Computers Globally

• General Bytes Suffer Cyberattack

• Zero-day Vulnerability Abused by Cybercriminals to Steal Crypto from Bitcoin ATMs

• Inside the World’s Biggest Hacker Rickroll

• Russia Warns Foreign Tech Firms Over Content Law Breaches

• Taiwan Semiconductor Veteran Wary Of ‘Anti-China’ Chip Pact

• Security is hard and won’t get much easier

• RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

• DDoS Protection Weaponized to Deliver RATs

• Escanor malware delivered in weaponized Microsoft Office documents

• Expert Questions Musk Twitter Bot Figures Amidst Legal Battle

• Samsung Breaks Ground On $15bn Semiconductor Complex

• Bitcoin, Cryptocurrencies Wracked By Fresh Volatility

• Xiaomi Posts 20 Percent Sales Drop Amidst Covid Restrictions

• Stablecoin Tether Touts $66.4bn In Reserves After $16bn Sell-Off

• Hackers Target ATM Maker for Bitcoins

• Car Dealership Hit by Major Ransomware Attack

• Businesses expect the government to increase its financial assistance for all ransomware incidents

• Researchers Discover Multiple Vulnerabilities Affecting Ultra-wideband RTLS

• Software developers, how secure is your software ?

• Escanor Malware delivered in Weaponized Microsoft Office Documents

• Hackers Stole Crypto from Bitcoin ATMs by Exploiting Zero-Day Vulnerability

• Donot Team cyberespionage group updates its Windows malware framework

• Zoom patches make-me-root security flaw, patches patch

• Janet Jackson Music video crash hard drives in laptops

• Google blocks worlds largest DDoS Cyber Attacks

• Largest Layer 7 DDOS Attack Recorded By Google with 46 Million Requests Per Second

• New semiconductor law aims to create ‘Silicon Valleys’ across U.S.

• DDoS tales from the SOC

• NSO Group CEO steps down, 100 employees let go too

• A union is urging support for TSA workforce reform in the defense policy bill

• How vulnerable supply chains threaten cloud security

• Disk wiping malware knows no borders

• What type of fraud enables attackers to make a living?

• NSW Telco Authority Extends its Investment in Emergency Management and Community Safety

• LATEST CYBERTHREATS AND ADVISORIES – AUGUST 12, 2022

• Biometrics: The Future of Airport Technology

• Email and cybersecurity: Fraudsters are knocking

• Drata Risk Management provides organizations with a central view of all potential risks

• Fake DDoS protection pages on compromised WordPress sites lead to malware infections

• Critical infrastructure is under attack from hackers. Securing it needs to be a priority – before it’s too late

• IT Security News Weekly Summary – Week 33

• IT Security News Daily Summary 2022-08-21

• Ring App Vulnerability Could Expose User’s Phone Data

• 3 Ways Asset Management Companies Can Reduce Cyber Risk

• A Modern Cybersecurity Fight Requires a Modern Approach to Regulatory Oversight

• Mimecast: Mitigating Risk Across a Complex Threat Landscape

• Spanish Banking Trojan Attacks Various Industry Verticals

• Container vs. VM Security: Which Is Better?

• Threat actors are stealing funds from General Bytes Bitcoin ATM

• Third-party app attacks: Lessons for the next cybersecurity frontier

• Sophos: Employing Stolen Session Cookies to Navigate MFA & Access Networks

• FBI Alerts About Credential Stuffing Attacks, Configurations and Proxies Used

• The Forensic Technology Behind Your Favourite T.V Detectives

• #ISC2Congress Theme: EMPOWER

• The Gender Pay Gap Is a National Security Threat

• Microsoft Facing a Growing Threat by Cryptojackers.

• Banyan Recommends Phased Approach When Introducing Zero Trust

• They both used Apple AirTags to track their possessions. Only one turned out well

• The Low Threshold for Face Recognition in New Delhi

• ZTNA: What Is It, and How Does It Encourage Thinking Like a Hacker?

• Grandoreiro banking malware targets Mexico and Spain

• Week in review: Apple fixes exploited zero-days, 1,900 Signal users exposed, Amazon Ring app vuln

• Penetration testing

• White hat hackers broadcasted talks and hacker movies through a decommissioned satellite

• Most Important Computer Forensics Tools for Hackers and Security Professionals

• Julian Waits and Patrick Duggan join PIXM Board of Directors

Generated on 2022-08-22 23:55:21.434171