IT Security News Daily Summary 2022-08-29

• Control insider threats with data loss prevention and user activity monitoring

• Collaboration, training key to local gov cyber defense, officials say

• corporate governance

• US FTC sued US data broker Kochava for selling sensitive and geolocation data

• Defense Department Finally Prioritizes Civilians in Conflict

• What Can We Learn From The OpenSea Data Breach?

• Password Manager With 25 Million Users Confirms Breach, Expert Weighs In

• Microsoft 365 Business Users Targeted With New DocuSign Phishing Scam

• 64% Of Businesses Suspect They’re Targets Of Nation-State Attacks- Expert Comments

• Facebook Agrees To Settle Cambridge Analytica Data Privacy Lawsuit At The Last Minute

• Content Anarchy: The Lurking Security Risk in A Digital-First World

• Crisis Point

• What Are the Top 10 Android Educational Apps That Collect Most User Data?

• OMB prioritizes CX in budget planning

• Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web

• +Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users

• HHS dinged on security from all sides

• Digital hygiene, cyber workforce needed to combat ransomware

• Former NY state employee admits to identity theft, abusing IT access

• Security investment, toolchain consolidation emerge as top priorities

• New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim

• Securing identities in the cloud: 2 new studies give us the state of play

• The LastPass breach could have been worse — what CISOs can learn

• What’s going on at NITAAC

• Critical hole in Atlassian Bitbucket allows any miscreant to hijack servers

• Okta Impersonation Technique Could be Utilized by Attackers

• Over-the-Horizon Drones Line Up But Privacy Is Not In Sight

• NHS 111 Cyberattack may Harm Patients Privacy

• Whistleblower Charged Twitter for Cybersecurity Misconduct

• LastPass source code breach – do we still recommend password managers?

• From bits to p-bits: One step closer to probabilistic computing

• Over-the-horizon drones line up but privacy is not in sight

• Karl Mathias settles in at HHS

• 3 Ways No-Code Developers Can Shoot Themselves in the Foot

• Wireless tech monitors soil moisture in real time

• 77% Of Security Leaders Fear We’re In Perpetual Cyberwar Now

• Governments Embrace Internet Shutdowns As A Form Of Control

• You Can Now Play Doom In The Tamagotchi-Like Hacking Device

• Elon Musk Subpoenas Twitter Whistleblower, Seeking Info On Spam, Security

• Politics and Prosecutorial Discretion in the Trump Case

• Evaluating the Jan. 6 Committee’s Evidence

• Over-the-horizon drones lineup but privacy is not in sight

• Crypto miners’ latest techniques

• Cyber-Insurance Firms Limit Payouts, Risk Obsolescence

• Hackers Make Fake Cthulhu Website to Distribute Malware

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Blackhat USA 2022: Return to Sender – Detecting Kernel Exploits with eBPF

• ‘Tape or Chewing Gum:’ Twitter’s Lapses Echo Worldwide

• Okta Says Customer Data Compromised in Twilio Hack

• Galois Open Sources Tools for Finding Vulnerabilities in C, C++ Code

• NATO Investigates Dark Web Leak of Data Stolen from Missile Vendor

• Twilio breach let attackers access Authy two-factor accounts of 93 users

• Kiwi Farms Goes Offline amid DDoS Attack and Hosting Issues

• A Beginner’s Guide to Understanding Encryption Vs Decryption

• Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

• How to protect your privacy on Reddit

• Levels of Assurance for DoD Microelectronics

• Cybersecurity Solution Highlights From Black Hat 2022

• How Cybersecurity Policy Has Changed Since the SolarWinds Attack

• Global Ransomware Damages to Exceed $30bn by 2023

• The 3 Questions CISOs Must Ask to Protect Their Sensitive Data

• US Cyber Command and NSA Partner On Defence Efforts For Midterms Elections

• Nitrokod crypto miner infected systems across 11 countries since 2019

• (ISC)² Certified in Cybersecurity Entry-Level Certification Officially Launches!

• Dell, Ericsson To End All Business In Russia

• What Is Encryption and How Does It Work?

• A CISO’s Ultimate Security Validation Checklist

• Nitrokod Crypto Miner Infected Over 111,000 Users with Copies of Popular Software

• LockBit Malware Group Threatens with Triple Extortion

• Tech Investors Mull Newport Wafer Fab Rescue Bid – Report

• Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)

• Details Disclosed for OPC UA Vulnerabilities Exploited at ICS Hacking Competition

• Malicious Plugins Found on 25,000 WordPress Websites: Study

• The Telegram-Powered News Outlet Waging Guerrilla War on Russia

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022

• Printers: The underestimated danger inside your company

• COVID-19 data put for sale on the Dark Web

• Meta Settles Cambridge Analytica Lawsuit

• Fired Amazon Union Organiser Alleges Retaliation

• Samsung Germany Tells User To Smash SSD With Hammer

• Threat Actors Moving to Sliver Command-and-Control (C2) to Evade Detection

• Black Hat USA 2022 Continued: Innovation in the NOC

• Black Hat USA 2022: Creating Hacker Summer Camp

• CISA adds 10 new flaws to its Known Exploited Vulnerabilities Catalog

• NetworkManager 1.40 released, features 600 patches

• Jack Dorsey – Biggest Twitter Regret Was Forming Company

• Twilio Breach Also Compromised Authy Two-Factor Accounts of Some Users

• Scammers used a deepfake AI hologram of Binance executive to scam crypto projects

• Resecurity partners with ECOMIL SAS to improve cybersecurity for Colombian organizations

• Software developers, how secure is your software ?

• COVID-19 data put for sale on Dark Web

• CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog

• The complexity of modern aircraft cybersecurity

• Data security hinges on clear policies and automated enforcement

• North Korea Kimsuky accurately targets victims with malware

• Cyber Attack news headlines trending on Google

• PyPI Alerts of First-ever Phishing Campaign Against its Users

• Attackers changing targets from large hospitals to specialty clinics

• Creating cyber career opportunities during the talent shortage

• Microsoft 365 Empowers Business Users to Shoot Themselves in the Foot

• Rise in IoT vulnerability disclosures, up 57%

• NATO Probes Hackers Selling Data from Top Missile Firm MBDA

• Key Points from the IBM Cost of a Data Breach Report 2022

• Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit

• IT Security News Weekly Summary – Week 34

• IT Security News Daily Summary 2022-08-28

• How to protect your business from cyberattacks with XDR

• DoorDash Data Breach Linked with Twilio Hackers

• Ransomware Resiliency for Storage & Backup: Trends, Threats & Tips

• USMC Cyberspace Ops Redesignated to Information Maneuver OCCFLD

• Atlassian Bitbucket: Vulnerability Spotted Inside Data Center

• Iran Based MuddyWater Attacks Israel Companies

• Montenegro’s State Infrastructure Struck by Cyber Attack Officials

• Experts warn of the first known phishing attack against PyPI

• Cutting Off Financing for the Next Capitol Insurrection

• How to Prevent High Risk Authentication Coercion Vulnerabilities

• Security Affairs newsletter Round 381

• Week in review: RCE bug in GitLab patched, phishing PyPI users, Escanor malware in MS Office docs

• Penetration testing

• New Agenda Ransomware appears in the threat landscape

• How to reduce your exposure & secure your data in the cloud in 5 quick ways

• 5 Signs your WordPress Site is Hacked (And How to Fix It)

Generated on 2022-08-29 23:55:26.397154