IT Security News Daily Summary 2023-02-03

• Research Exposes Azure Serverless Security Blind Spots

• New APT34 Malware Targets The Middle East

• 6 Ransomware Trends & Evolutions For 2023

• Cybersecurity organizations fight back against rise of emotet and omnatuor malvertising

• How APIs are shaping zero trust, and vice versa

• How endpoint management can transform retail

• A call for data-first security

• The black hat hacker trap: Why unethical hacking lures young people

• Where states can learn to turn data into decisions

• Iran-Backed Actor Behind ‘Holy Souls’ Cyberattack on Charlie Hebdo, Microsoft Says

• Friday Squid Blogging: Studying the Colossal Squid

• Big China Spy Balloon Moving East Over US, Pentagon Says

• Watchdog Group Issues Warning About Scam Financial Influencers On Facebook

• School District 42 – 18,850 breached accounts

• Content Delivery Network (CDN) FAQs

• NIST researcher calls for further evaluation of the AI impact on humans

• How to solve customer-service language barriers with virtual queuing

• The importance of data retention policies

• WebAuthn API

• Remote Debugging Dangers and Pitfalls

• Check Point Software Join Forces with Samsung to Elevate Mobile Security

• Auditing and logging policy

• TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

• Why CISOs Should Care About Brand Impersonation Scam Sites

• What CISOs Can Do About Brand Impersonation Scam Sites

• A Hacker’s Mind News

• How to protect your business from supply chain attacks

• Up to 10 million people potentially impacted by JD Sports breach

• GitHub revokes several certificates after unauthorized access

• Malwarebytes earns AV-TEST Top Product awards for fifth consecutive quarter

• Fast-evolving Prilex POS malware can block contactless payments

• LockBit brags it pumped ION full of ransomware

• Guy accused of wrecking crypto exchange now hauled into court

• OpenSSH fixes double-free memory bug that’s pokable over the network

• Exploitation attempts for Oracle E-Business Suite flaw observed after PoC release

• Another RAC staffer nabbed for storing, sharing car crash data

• Guy accused of crashing crypto exchange now hauled into court

• Google Fi User Data Breached Through T-Mobile Hack

• Check Point Software takes 1st Place in Independent Test of Top Network Firewalls

• Government watchdog warns on cyber weakness

• Hoyer takes up post as top Dem on key approps subcommittee

• 10 steps to future water sustainability

• Dashboard helps city track diversity, equity, inclusion progress

• The headache of changing passwords

• How to build an incident response plan, with examples, template

• Inside Killnet: Pro-Russia Hacktivist Group’s Support and Influence Grows

• Greater Incident Complexity, Shift in How Threat Actors Use Stolen Data, Will Drive the Cyber Threat Landscape in 2023, Says Beazley Report

• CISA to Open Supply Chain Risk Management Office

• Nearly All Firms Have Ties With Breached Third Parties

• Pro-Russia Killnet group hit Dutch and European hospitals

• Google boosts bounties for open source flaws found via fuzzing

• Why you still need security alongside your API Gateway

• Malicious Reward Apps Trick Over 2 Million Android Users

• Digital Health Company Allegedly Sold Sensitive Health Information To Facebook

• Reduce Data Breaches by Adding a Data Privacy Vault to Your HealthTech App Architecture

• R&D funding vehicle could supercharge small biz innovation programs

• Data sharing initiatives slowly gaining traction

• Singapore, EU digital pact to cover ‘all areas’ of bilateral cooperation

• Flipper Zero: How to install third-party firmware (and why you should)

• OneNote documents spread malware in several countries

• New cybersecurity BEC attack mimics vendors

• What reverse shell attacks are and how to prevent them

• Password-stealing “vulnerability” reported in KeePass – bug or feature?

• Vista Equity Partners Completes Acquisition of KnowBe4

• Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC

• MITRE Releases Tool to Design Cyber-Resilient Systems

• Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility

• Civil Society Organizations Call on the House Of Lords to Protect Private Messaging in the Online Safety Bill

• The Breadth of the Fediverse

• Microsoft sweeps up after breaking .NET with December security updates

• Chinese ‘surveillance balloon’ over US causes fearful gasbagging

• Protect Your Online Data Now, Rather than Waiting for the Government

• Bitwarden Password Manager will add support for Argon2 KDF soon

• MalVirt Loaders Exploit .NET Virtualization to Deliver Malvertising Attacks

• Taking the next step: OSS-Fuzz in 2023

• LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 3, 2023

• Is it forensics or is it junk science?

• Va. regulators propose easing emission limits for data centers over power transmission concerns

• IBM, NASA will use AI to improve climate change research

• Microsoft: We are tracking these 100 active ransomware gangs using 50 types of malware

• How to use BeEF, the Browser Exploitation Framework

• Beating the Odds: 3 Challenges Women Face in the Cybersecurity Industry

• VMware Releases Security Update for VMware vRealize Operations

• Attackers Abuse Microsoft’s Verified Publisher Status To Steal Data

• Apple’s Focus On Secrecy Violated Employee Rights

• SBF Barred From Contacting FTX Employees Via Signal

• Netflix’s New Password Sharing Restrictions Are Confusing

• DarkTrace’s Shares Dive As Short Sellers Circle

• It Was Smart for an AI

• C can be memory-safe

• Table Stakes Security Services for 2023

• Chinese surveillance balloon over US causes fearful gasbagging

• The Unheard Story of a Crippling Ransomware

• Britain Government With Robust Crypto Regulation

• High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation

• Atlassian Warns of Critical Jira Service Management Vulnerability

• Cyber Insights 2023: Venture Capital

• Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty

• 4 identity predictions for 2023

• Atlassian Patches Critical Authentication Flaw in Jira Software

• What Is Encryption as a Service (EaaS)? A Definitive Guide

• Top 10 SOAR Tools to Enhance Your SecOps Experience

• TD SYNNEX Named a 2023 Fortune World’s Most Admired Company

• Latest Cyberthreats and Advisories – January 20, 2023

• Anker Confirms Eufy Cameras Not Fully Encrypted, Raising Concerns

• Key Firefox and Android updates you need to be aware of

• UK Government Details Plan To Regulate Crypto, Post FTX

• EV Charging Stations at Risk of DoS Attacks

• Hackers Abuse Microsoft’s ‘Verified Publisher’ OAuth Apps to Hack Organizations Cloud

• Report: 6 keys for successful government crisis contact centers

• Fortra’s Terranova Security 2022 Gone Phishing Tournament Results Reveal Large Organizations at Highest Risk of Compromising Data

• Contrast Security Launches Alliance Program to Change the Way Customers Scale Their Security Solutions

• Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover

• Gem Security Emerges From Stealth With $11M, Unveils Cloud TDIR Platform for Faster Response to Cloud Threats

• Scores of Redis Servers Infested by Sophisticated Custom-Built Malware

• The Pivot: How MSPs Can Turn a Challenge Into a Once-in-a-Decade Opportunity

• New Prilex PoS Malware evolves to target NFC-enabled credit cards

• Hacking Group: Darkweb Developers Are In High Demand

• What Is Ethical Hacking? An Introduction to the Concept

• Server-Side Request Forgery Attack Explained: Definition, Types, Protection

• How Can Technology Help Reduce Carbon Emissions?

• North Korean Cybercriminals Attempt to Steal $27M in ETH

• Northern European Criminals Copy the Lockbit Gang

• Titan-Stealer: A New Golang-based Info-Stealer Malware

• Insider Attacks Becoming More Frequent, And Difficult Gurucul Report

• Where Do the Most Ransomware Attacks Take Place in the United States?

• Australia entities suffer Cyber Attacks and QUAD update

• New Credential-Stealing Campaign By APT34 Targets Middle East Firms

• Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware

• Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

• Airbnb is making a simple, but big booking change bringing it closer to hotel check-in

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Apple To Launch ‘Folding iPad’ In 2024 – Report

• Introduction to Azure Data Lake Storage Gen2

• Contain Breaches and Gain Visibility With Microsegmentation

• Red Hat gives an ARM up to OpenShift Kubernetes operations

• Gem Security shows detection and response key to cloud security, raises $11M

• Microsoft warning: These phishing attackers used fake OAuth apps to steal email

• The dark side of Optimize Mac Storage: What you need to know if you rely on it

• Google Fi Users Caught Up in T-Mobile Breach

• ManageEngine Study Finds United States Enterprises Hit by Short-Staffed Security Operations Centers

• KnowBe4 to Offer $10,000 to Black Americans in Cybersecurity Scholarship

• Application Security Must Be Nonnegotiable

• Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry

• Central Bank Immunity, Afghanistan, and Judgments Against the Taliban

• Safer Internet Day: Experts Reveal 7 Tips To Avoid DeepFake Scams

• OilRig Hackers Exfiltrate Data From Govt. Agencies Using New Backdoors

• Hive Ransomware: A Detailed Analysis

• New Versions of Prilex POS Malware Can Block Contactless Transactions

• Russian Hacktivists Target US and Dutch Hospitals

• How Crypto & Blockchain Technology Changed the Way Casinos Do Business

• Bridging the 3.4 Million Workforce Gap in Cybersecurity

• How the Cloud Is Shifting CISO Priorities

• VMware Workstation update fixes an arbitrary file deletion bug

• Hate It When That Happens: China Says It’s Checking If It Accidentally Sent A Spy Balloon To Montana

• HeadCrab Malware Compromised 1,200 Redis Servers

• Passion Botnet Cyberattacks Hit Healthcare

• Former Ubiquiti Dev Pleads Guilty In Data Theft And Extortion Case

• Top 5 Video Games Of 2022 According To Gamers

• Influence of Digitalization on IT Admins

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• New SH1MMER ChromeOS Exploit Jailbreaks Chromebooks

• KeePass Password Manager Vulnerability: Is Your Data at Risk?

• LastPass Hack-Proof: How to Up Your Security Game Instantly

• PayPal To Axe 7 Percent Of Workforce

• China “Deeply Concerned” At US Halt Of Export Licences For Huawei

• Alphabet Earnings Miss Expectations, As YouTube Declines

• Strengthening security on my Apple account!

• The New DevOps Performance Clusters

• ChatGPT: Is its use of people’s data even legal?

• Why confidential computing will be critical to (not so distant) future data security efforts

• Rising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale Cyberattacks

• Enter the Hunter Satellites Preparing for Space War

• New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices

• Global Technology Products, U.S. Security Policy, and Spectrums of Risk

• Digital Project Design Brief: A Key to Effective Partnership

• Specifically, Targeted VMware RCE Vulnerabilities

• Microsoft Azure Key Vault Service

• Tougher cybersecurity rules may be more than a year away—but don’t wait to get ready

• MITRE Releases Tool to Design Cyber Resilient Systems

• Atlassian fixed critical authentication vulnerability in Jira Software

• Electric Vehicle Vulnerabilities Can Allow Hackers To Disrupt System, Cause Energy Theft

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Amazon Still Selling T95 TV Box with Pre-Installed Malware

• GitHub Breach – Hackers Stole Code Signing Certificates From Repositories

• The Rise of the Code Package Threat

• Nvidia CSO: Generative AI, ChatGPT has made security a ‘cat and mouse’ game

• Firms fear software stack breach as attack surface widens

• ​​Key Insights From the Guide to Cybersecurity Trends and Predictions for 2022-23

• The State of the US National Cybersecurity Strategy for the Electric Grid

• Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards

• Auditing Kubernetes with Open Source SIEM and XDR

• Nevada Ransomware Has Released Upgraded Locker

• New LockBit Green ransomware variant borrows code from Conti ransomware

• Threat Actors Gained Access to Google Fi Customers’ Information

• Congress Has a Lo-Fi Plan to Fix the Classified Documents Mess

• The Pivot: How MSPs can Turn a Challenge Into a Once-in-a-Decade Opportunity

• Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations

• LockBit Goes ‘Green’: How the New Conti-Based Encryptor Is Changing the Ransomware Game

• What Is Data Erasure?

• Hackers Abuse Google Ads to Send Antivirus Avoiding Malware

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Intel Cuts Pay For Staff, Executives

• US Official Confirms Japan, Netherlands Joined US China Chip Sanctions

• Amazon Posts Annual Loss, Amid Restructuring

• GoAnywhere MFT Users Warned of Zero-Day Exploit

• China Says It’s Looking Into Report of Spy Balloon Over US

• Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication

• Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts

• Manipulating Weights in Face-Recognition AI Systems

• Data Privacy Capability Guide

• 29,000 QNAP Devices Unpatched In Critical Vulnerabilities

• The ‘New Cold War’ Continues To Mark Urgency For Organisations To Bolster Cyber-Resilience

• NetFlow’s Dirty Little Secret

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users

• Cyberattacks on Energy’s National Labs draw lawmaker scrutiny

• Hackers are using this new trick to deliver their phishing attacks

• Another RAC staffer nabbed for storing and sharing road accident data

• Attackers abuse Microsoft’s ‘verified publisher’ status to steal data

• Ransomware Attacks on the Small and Medium Businesses are on the Rise

• Privacy Assistant Jumbo Reinvents Itself

• Most Important Computer Forensics Tools for 2023

• How multicloud changes devops

• Learn More About Check Point’s Prevention-First CNAPP

• 2022 in Review: Privacy gains footholds in the US; EU continues to lead

• Vulnerability in F5 BIG-IP May Cause DoS and Code Execution

• Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)

• ChatGPT: When Cybercrime Meets the Emerging Technologies

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Apple Disappoints By Missing Wall Street Expectations

• ICO Relaxes Breach Reporting for Comms Providers

• Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software

• US Man Charged in $110m Crypto Trading Scheme

• Russia-linked Gamaredon APT targets Ukrainian authorities with new malware

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• GitHub Reports Code-Signing Certificate Theft in Security Breach

• New DDoS-as-a-Service Platform Attacking Medical Institutions

• 2023-01-31 – BB12 Qakbot (Qbot) with Cobalt Strike and VNC traffi

• Writing a Modern HTTP(S) Tunnel in Rust

• Quarter of CFOs Have Suffered $1m+ Breaches

• How Can Disrupting DNS Communications Thwart a Malware Attack?

• IT Leaders Reveal Cyber Fears Around ChatGPT

• So much hype about Chat GPT… here are some facts

• Cisco fixed command injection bug in IOx Application Hosting Environment

• 3 Ways to Improve Your Customer Retention With Social Media

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability

• New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• LockBit claims responsibility for ION ransomware attack but US/UK hounds are sniffing

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• CISOs laxity towards cybersecurity is leading to more Cyber Attacks

• QNAP NAS devices are vulnerable to ransomware attacks

• Hackers Use TrickGate Packer to Deploy Emotet, Cobalt Strike & Other Malware

• We can’t rely on goodwill to protect our critical infrastructure

• New infosec products of the week: February 3, 2023

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

• Is that survey real or fake? How to spot a survey scam

• Inability to prevent bad things from happening seen as the worst part of a security job

• Short-staffed SOCs struggle to gain visibility into cloud activities

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• MITRE Launches Cyber Resiliency Engineering Framework Navigator

• Uprite Services Achieves HIPAA Compliance With Compliancy Group

• Pixalate iCloud Private Relay helps users measure their exposure to iCPR traffic

• Keepit introduces backup and recovery solution for Power BI users

• HYCU R-Cloud protects all business-critical apps from on-premises to SaaS

• Netwrix 1Secure empowers MSPs to secure clients from a single console

• NordVPN Identifies the Most Risky Websites for Users’ Privacy and Security

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Wasabi Surveillance Cloud offloads surveillance footage from local storage directly to the cloud

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Former Ubiquiti dev pleads guilty in data theft and extortion case

• Gem Security emerges from stealth and raises $11 million

• Radiant Logic acquires Brainwave GRC to strengthen security posture for customers

• NTT and Palo Alto Networks join forces to improve security management for enterprises

• Weekly Update 333

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Top Three Docker Alternatives To Consider

• Everything You Need To Know About The Latest Imperva Online Fraud Prevention Feature Release

• Hospitals Hit by DDoS Attacks as Killnet Group Targets the Healthcare Sector – What You Need to do Now

• EFF, ACLU Seek to Protect the Public’s Right to Access Judicial Records

• Ransomware in December 2022

• Cybersecurity and privacy tips you can teach your 5+-year-old

• Dan Streetman joins Tanium as CEO

• ACLU, EFF Seek to Protect the Public’s Right to Access Judicial Records

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• U.S. cyberspace ambassador lays out technology’s role in geopolitical contests

• What is an OSINT Tool – Best OSINT Tools 2023

• Better data management makes digital services shine

• IT Security News Daily Summary 2023-02-02

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• US Justice Department Requests Tesla Self-Driving Documents

• Tech Nation To Shut Down After Government Pulls Grant

• DevSecOps Benefits and Challenges

• The Data Leakage Nightmare in AI

• Sentra Raises $30 Million Series A Financing to Meet Growing Demand for Data Security in the Cloud

• Aura and Nonprofit Cyversity Partner to Support a More Inclusive Cyber Workforce

• New Survey Reveals 40% of Companies Experienced a Data Leak in the Past Year

• NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America

• Netflix’s US Password-Sharing Crackdown Isn’t Happening—Yet

• CISA Releases One Industrial Control Systems Advisory

• Hackers Stole GitHub Desktop and Atom Code-Signing Certificates

• Amid FTX’s burning wreckage, Japan outpost promises asset withdrawals in February

• Conti Source Code & Everything API Employed by Mimic Ransomware

• Qwant or DuckDuckGo: Which Search Engine is More Private?

• Password Changes are Required for LastPass Customers

• Common Vulnerability Scoring System (CVSS)

• DOD’s open cyber recommendations date back to 2012

• Threat activity increasing around Fortinet VPN vulnerability

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Spotify Beats Estimates, But Losses Soar

• China Start-Up ‘Delivers Quantum Computer’

• CEO, CIO or CFO: Who Should Your CISO Report To?

• Access management policy

• Are Your Employees Thinking Critically About Their Online Behaviors?

• Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally

• Korelock Launches IOT Smart Lock Technology Company

• Hornetsecurity Combats QR Code Phishing With Launch of New Technology

• Understanding Business Email Compromise to better protect against it

• 10 Surprises of Remote Work from Security Engineers

• The U.N. Cybercrime Convention Should Not Become a Tool for Political Control or the Watering Down of Human Rights

• US Hospitals DDoS Attack, Websites Taken Down By Russian Hackers

• TSA U.S. ‘No Fly List’ Gets Leaked On Hacking Forum

• 10 Ways Digitalisation is Improving the UK Immigration Process

• Cybersecurity Industry News Review – 31 January 2023

• FBI Takes Down the Infamous Ransomware Gang’s Website

• As pandemic-era Medicaid provisions lapse, millions approach a coverage cliff

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Facebook & Instagram Flaw Let Anyone Bypass Two-factor Authentication

• SAST: How Code Analysis Tools Look for Security Flaws

• Phishing attacks are getting scarily sophisticated. Here’s what to watch out for

• Speed up onboarding with Active Directory user templates

• GitHub code-signing certificates stolen (but will be revoked this week)

• You Really Need to Update Firefox and Android Right Now

• You Don’t Know Where Your Secrets Are

• The Lessons of the Electoral Count Reform Act: Next Steps in Reform

• Porsche Stops NFT Launch While Phishing Sites Fills The Space

• Why Attackers Target the Financial Services Industry

• What Is Dynamic Host Configuration Protocol (DHCP)?

• 10 Million JD Sports Customers Had Their Data Exposed in a Data Breach

• The Future of Online Shopping – What to Expect

• New year, new storage challenge

• More details emerge on NYC free internet pilot

• API management (APIM): What It Is and Where It’s Going

• Perception Point Announces New Record Year, Protecting Over 2,000 Organizations, Doubling Annual Recurring Revenue, and Expanding Portfolio into Web Security

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• US ‘Stops Providing’ Huawei Export Licences

• Samsung Chip Business Posts Profit Plunge

• Gartner Sees Further Smartphone, PC Sales Slide In 2023

• 11 Questions to Ask When Choosing an Application Security Vendor

• Saviynt raises $205M and affirms that IAM must be cloud-friendly

• Oversight Chairman Comer: ‘We’re two years behind in oversight’

• Cyber Insurance Companies Require Enhanced Security from Clients

• F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution

• HeadCrab malware targets Redis to mine cryptocurrency

• Rising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale Cyberattacks

• Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years

• New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector

• 1-15 January 2023 Cyber Attacks Timeline

• 4 Ways Artificial Intelligence Is Making Virtual Casinos Safer for Users

• Malvertising attacks are distributing .NET malware loaders

• Essential Team Building for Strong Cloud Security

• C++ creator Bjarne Stroustrup defends its safety

• Dingo Token ranking is #774, with a live market cap of $10,941,525 USD is a SCAM!

• To protect satellites, secure your networks, chief of space ops says

• S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

• 6 Examples of the Evolution of a Scam Site

• Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• APT groups use ransomware TTPs as cover for intelligence gathering and sabotage

• Foreign states already using ChatGPT maliciously, UK IT leaders believe

• NTT, Palo Alto partner for managed SASE with AIOps

• The Hidden Threat: 1Password Password Manager Phishing Ads on Google

• Sentra raises $30M to streamline data securely across the public cloud

• Cyber Insights 2023 | Ransomware

• Cyber Insights 2023 | Quantum Computing and the Coming Cryptopocalypse

• Cyber Insights 2023 | Regulations

• Google Shells Out $600,000 for OSS-Fuzz Project Integrations

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• The Evolution of Antivirus Software to Face Modern Threats

• Threat Actors Use ClickFunnels to Bypass Security Services

• CISA Releases Six Industrial Control Systems Advisories

• A High-severity bug in F5 BIG-IP can lead to code execution and DoS

• Prilex modification now targeting contactless credit card transactions

• How the University of Tulsa is Educating and Training the Next Generation of Cybersecurity Professionals

• Scale Azure Firewall SNAT ports with NAT Gateway for large workloads

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Industry voices complaints over short response window for $60B VA recompete

• CISA Releases Six Industrial Control Systems Advisories

• GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom

• QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates

• North Korea Led Biggest Year Ever Of Crypto Hacks

• Planet Ice – 240,488 breached accounts

• South Korea makes crypto crackdown a national justice priority

• Lack of emerging tech framework is ‘weakening’ US stance against China, lawmakers warn

• i-PRO New Multi-Sensor Lineup, PTZ Cameras & New Analytics at ISC West

• F5 Working on Patch for BIG-IP Flaw That Can Lead to DoS, Code Execution

• Ransomware attacks on public sector persist in January

• Arnold Clark Confirms Customer Data Compromised in Breach

• Soft Skills: Writing

• Mitigate risk by integrating threat modeling and DevOps processes

• Edgio Sponsors OWASP ModSecurity CRS to Further Advance Application Security Development

• ExtraHop Partners with Binary Defense to Deliver Managed Network Detection and Response

• Corvus Supercharges Cyber Underwriters with Corvus Risk Navigator™

• Trace3 to Deliver Managed Detection and Response Service Powered by Deepwatch

• Keyfactor Achieves Payment Card Industry Data Security Standard Compliance Certification

• United States Senator demands TikTok app store ban

• Study: Companies have upwards of 1,000 apps but only a third are integrated

• AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites

• Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter

• Speaking Engagements

• HPE, NetApp Warn Of Critical Open Source Bug

• Google Boosts Bounties For Open Source Flaws Found Via Fuzzing

• Up To 29,000 Unpatched QNAP Storage Devices Are Sitting Ducks To Ransomware

• Enter The Hunter Satellites Preparing For Space War

• Ransomware Attack On Data Firm ION Could Take Days To Fix

• CyberSaint STRONGER 2023 Conference Call for Speakers is Open!

• IRONSCALES Enters 2023 Riding Significant Wave of Positive Momentum

• BAE Systems part of contract award supporting CANES program

• KLDiscovery Names Lawrence B. Prior III, Chair of the Board, Adds Lloyd W. Howell Jr. to the Board of Directors

• Netflix password paid sharing amuses consumers to a certain extent

• 9 Ways You Can Improve Security Posture

• Lazarus Group Attack Identified After Operational Security Fail

• Women in CyberSecurity Calls for Participants for New Measuring Inclusion Workshops

• Cisco Releases Security Advisories for Multiple Products

• The Cybercrime Ecosystem Knits a Profitable Underground Gig Economy

• A Nunavut Ransomware Incident Was Not Reported by Qulliq Energy

• Rivian To Axe 6 Percent Of Jobs, Amid EV Price War

• Prilex POS malware evolves to block contactless transactions

• Cisco Releases Security Advisories for Multiple Products

• Romance Fraudsters Have Stolen £65m from Brits Since 2020

• Ransomware attack halts London trading

• Is malware abusing your infrastructure? Find out with VirusTotal!

• TrickGate: Malicious Software Outwitting Antivirus for 6 Years

• UK Car Retailer Arnold Clark Hit by Ransomware

• Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots

• ChatGPT May Already Be Used In Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research

• Cybersecurity Leaders Launch First Attack Matrix for Software Supply Chain Security

• Managing the Governance Model for Software Development in a No-Code Ecosystem

• Drupal Releases Security Update to Address a Vulnerability in Apigee Edge

• JD Sports: Data of 10 Million Customers at Risk

• Here’s How to Avoid Reddit Frauds

• Bitwarden Users Attacked via Malicious Google Ads

• Apple, Google Urged To Remove TikTok From App Stores

• How Do Threat Hunters Keep Organizations Safe?

• Romance fraud losses rose 91% during the pandemic, claims UK’s TSB bank

• IBM X-Force Exchange Threat Intelligence Platform

• Drupal Releases Security Update to Address a Vulnerability in Apigee Edge

• NTT Partners with Palo Alto Networks to Deliver Managed Prisma SASE

• Commercial Initiatives for Partner Success – Breakaway 1=5

• How ChatGPT Could Drive A Viral Crypto Narrative

• Russia Blocked Encrypted Email Startup Skiff

• LastPass Password Manager: increase this setting to improve security significantly

• Samsung Unveils Premium Galaxy S23 Series

• HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining

• Dealing With the Carcinization of Security

• Clarity and Transparency: How to Build Trust for Zero Trust

• Building a secure and scalable multi-cloud environment with Cisco Secure Firewall Threat Defense on Alkira Cloud

• John Eastman and the Limits of Bar Discipline

• Civilian Harm Mitigation: An Opportunity for Values-Based U.S. Leadership at NATO

• What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits

• New HeadCrab Malware Hijacks 1,200 Redis Servers

• Credential Stuffing, Pig Butchering, Security Keys for Your Apple Account, and the New Mac mini – Intego Mac Podcast Episode 277

• Lifetime VPNSecure subscriptions are now just $39.99

• Cybersecurity Budgets Are Going Up. So Why Aren’t Breaches Going Down?

• New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

• Experts warn of two flaws in popular open-source software ImageMagick

• EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft

• Cyber Insights 2023: Ransomware

• Cyber Insights 2023: Quantum Computing and the Coming Cryptopocalypse

• Cyber Insights 2023 | Supply Chain Security

• Cyber Insights 2023: Regulations

• AIs as Computer Hackers

• AI Transcription Service vs. Human Transcription: How to Decide?

• UK NCC Group To Cut Workforce By 7 Percent – Report

• Development Platform for Data Protection

• HeadCrab Malware Infects 1,200 Redis servers to Mine Monero

• OAuth Explained: A Guide to Understanding What It Is and How It Works

• Super Bock says ‘cyber’ nasty ‘disrupting computer services’

• Bitwarden’s Latest Update Takes Security to the Next Level

• Discrepancies Discovered in Vulnerability Severity Ratings

• ChatGPT Firm Trails Subscription Fee, Detection Tool

• Over 1800 Android Mobile App Web Injects for Sale on Hacking Forums

• Sextortion Scams – How They Persuade and What to Watch for

• Record $3.8bn Stolen Via Crypto in 2022

• North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

• Cybersecurity budgets are going up. So why aren’t breaches going down?

• City Of London Traders Hit By Russia-Linked Cyberattack

• Pro-Russian Hackers Target European Hospitals

• InTheBox Threat Actor Sells Over 1,800 Web Injects on Cybercrime Forums

• Researchers Warn of Crypto Scam Apps on Apple App Store

• UK IT Leaders Fear ChatGPT Already Being Used In Nation State Cyberattacks, Reveals New BlackBerry Research

• Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

• Application Security for Microservices: API Gateway, Service Mesh, and More

• 600,000 Server-Side Iterations: Bitwarden’s Latest Update Takes Security to the Next Level

• Meta Pleases Investors With ‘Year Of Efficiency’ Pledge

• Less is more: Conquer your digital clutter before it conquers you

• City of London on High Alert After Ransomware Attack

• Photos: Cybertech Tel Aviv 2023, part 2

• Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms

• Do you know what your supply chain is and if it is secure?

• W-2 phishing scams: Everything you need to know

• New Prilex Malware Blocks Contactless Payments to Steal Credit Card Data

• New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

• How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia

• Over 30k Internet-Exposed QNAP NAS hosts impacted by CVE-2022-27596 flaw

• LockBit Ransomware Attack on ION and Expeditors faces $2m lawsuit from customer

• New UN cybercrime convention has a long way to go in a tight timeframe

• Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

• The emergence of trinity attacks on APIs

• School District 42 – 18,850 breached accounts

• Yugabyte Releases YugabyteDB Voyager to Accelerate Cloud Native Adoption through Simple, Risk-Free Migration

• Research Exposes Azure Serverless Security Blind Spots

• New APT34 Malware Targets The Middle East

• 6 Ransomware Trends & Evolutions For 2023

• 50% of organizations have indirect relationships with 200+ breached fourth-party vendors

• The next cyber threat may come from within

• Hybrid cloud storage security challenges

• Janes Secures Sam Gordy as President of Janes US via Benchmark Executive Search

• Tanium Appoints Dan Streetman as Chief Executive Officer

• CEA Invests in European-Based Cyber and Intel

• LATEST CYBERTHREATS AND ADVISORIES – JANUARY 13, 2023

• Predicting which hackers will become persistent threats

• InterVision enhances its cloud and security services for mid-market organizations

• Hornetsecurity unveils two tools to counter rise in phishing attacks and malicious links

• Neustar Security Services introduces UltraDDR for DNS-based user protection

• Content Delivery Network (CDN) FAQs

• Remote Debugging Dangers and Pitfalls

• Certa joins forces with Sayari to improve third party management

• Zscaler Resilience prepares businesses for unpredictable events

• Sentra raises $30 million to meet growing demand for data security in the cloud

• Dremio and Privacera enhance data security governance capabilities on data lakehouses

• SAP partners with Red Hat to enhance intelligent business operations

• Trulioo launches end-to-end identity platform

• Privacera connects to Dremio’s data lakehouse to aid data governance

• Guardz debuts with cybersecurity-as-a-service for small businesses

• New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs

• BrandPost: Nation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report

• Attack Vector vs Attack Surface: The Subtle Difference

• How to protect your business from supply chain attacks

• Up to 10 million people potentially impacted by JD Sports breach

• GitHub revokes several certificates after unauthorized access

• Malwarebytes earns AV-TEST Top Product awards for fifth consecutive quarter

• Check Point Software Join Forces with Samsung to Elevate Mobile Security

• Why CISOs Should Care About Brand Impersonation Scam Sites

• RedSeal appoints Gregory Enriquez as CEO

• Kurt Gaudette joins Dragos as VP of Global Threat Intelligence

Generated on 2023-02-03 23:55:40.628329