IT Security News Daily Summary 2023-02-05

• Dark Web Hitman Paid with BTC to Murder Teen Victim

• Horizon3.ai Unveils: ‘Year in Review: Thru the Eyes of the Attacker 2022’

• Cloud Computing Penetration Testing Checklist – 2023

• Top 5 cyber-threats and how to prevent them

• Cybersecurity Industry News Review – 31 January 2023

• Finland’s Most-Wanted Hacker Nabbed in France

• Addressing the Effects of Civilian Targeting: Lessons from Syria for Ukraine

• Energy and Healthcare Firms Are The Focus of The Lazarus Group Once Again

• There Could a Facebook-Cambridge Analytica Scandal Everyday

• LexisNexis’ Virtual Crime Center: Making Millions from Sales to the U.S. Government

• Nevada Ransomware: Another Feather in the RaaS Ecosystem

• Installing Software via Google Poses Concerns

• The biggest risks in procrastinating on iPhone, Android software updates

• The biggest risks in putting off iPhone and Android software updates

• Apple and Google are Under Rising Pressure to Remove TikTok From App Stores

• The Importance To Provide Buyers And Sellers Secure, Convenient, And Frictionless Payment Experiences

• The Psychology Behind Spear Phishing Scams

• Validating Tools

• 50 Best Free Cyber Threat Intelligence Tools – 2023

• Fraudulent “CryptoRom” Apps Slip Through Apple and Google App Store Review Process

• Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT

• Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears

• Implementing Digital Rights Management Systems To Safeguard Against Unauthorized Access Of Protected Content

• Security Affairs newsletter Round 405 by Pierluigi Paganini

• Week in review: Rail transport cybersecurity, “verified” OAuth apps used to infiltrate organizations

• Cyber Security Management System (CSMS) for the Automotive Industry

• Businesses turn to new as-a-service models in Industry 4.0

• Cybersecurity Leaders Launch OSC&R, An Open Framework for Analyzing Threats

• Improve KeePass security with this simple configuration change

• Gigamon names Chaim Mazal as CSO

• ExtraHop and Binary Defense join forces to protect customers against advanced threats

• Instant Checkmate, TruthFinder Data Breach: 20M Accounts Leaked

• US Downs Chinese Balloon Off Carolina Coast

• IT Security News Daily Summary 2023-02-04

• Bermuda: Major Internet And Power Outage Strikes

• CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog

• Feds Say Cyberattack Caused Suicide Helpline’s Outage

• Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op

• F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution

• HeadCrab malware targets Redis to mine cryptocurrency

• GoAnywhere MFT zero-day flaw actively exploited

• GoodRx Made Money On Your Behalf, FTC is Making It Pay

• Dingo Token ranking is #774, with a live market cap of $10,941,525 USD is a SCAM!

• Malvertising attacks are distributing .NET malware loaders

• Essential Team Building for Strong Cloud Security

• PixPirate: Brand New Brazilian Banking Trojan

• Edgio Sponsors OWASP ModSecurity CRS to Further Advance Application Security Development

• Royal Mail “cyber incident” is an ongoing cyberattack CEO admits to MPs

• To protect satellites, secure your networks, chief of space ops says

• S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

• 6 Examples of the Evolution of a Scam Site

• How the end of Netflix password sharing will change the way families watch

• ‘Ransomware Year’ May Be The Most Devastating Ever

• 20M User Data Breach Reported by PeopleConnect

• PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

• All You Need to Know About the Cisco Command-Injection Bug

• Beware: Malicious Apps On Apple & Google Play Push Users into Fake Investments

• Googling for Software Downloads Is Extra Risky Right Now

• CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers

• The Evolution of Antivirus Software to Face Modern Threats

• Google Shells Out $600,000 for OSS-Fuzz Project Integrations

• Threat Actors Use ClickFunnels to Bypass Security Services

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• Drupal Releases Security Update to Address a Vulnerability in Apigee Edge

• Cisco Releases Security Advisories for Multiple Products

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• CISA Releases Six Industrial Control Systems Advisories

• A High-severity bug in F5 BIG-IP can lead to code execution and DoS

• Truth Finder – 8,159,573 breached accounts

• How the University of Tulsa is Educating and Training the Next Generation of Cybersecurity Professionals

• Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack

• Scale Azure Firewall SNAT ports with NAT Gateway for large workloads

• Industry voices complaints over short response window for $60B VA recompete

• CISA Releases Six Industrial Control Systems Advisories

• Iran crew stole Charlie Hebdo database, says Microsoft

• Build or Buy your own antivirus product

• Lack of emerging tech framework is ‘weakening’ US stance against China, lawmakers warn

• North Korea Led Biggest Year Ever Of Crypto Hacks

• The Benefits of eBPF for API Security

• Ransomware attacks on public sector persist in January

• Arnold Clark Confirms Customer Data Compromised in Breach

• Malware Attacks can be Thwarted by Tampering with DNS Communications

• Mitigate risk by integrating threat modeling and DevOps processes

• United States Senator demands TikTok app store ban

• Study: Companies have upwards of 1,000 apps but only a third are integrated

• AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites

• Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter

• Speaking Engagements

• HPE, NetApp Warn Of Critical Open Source Bug

• Google Boosts Bounties For Open Source Flaws Found Via Fuzzing

• Up To 29,000 Unpatched QNAP Storage Devices Are Sitting Ducks To Ransomware

• Enter The Hunter Satellites Preparing For Space War

• New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

• CyberSaint STRONGER 2023 Conference Call for Speakers is Open!

• IRONSCALES Enters 2023 Riding Significant Wave of Positive Momentum

• BAE Systems part of contract award supporting CANES program

• 9 Ways You Can Improve Security Posture

• Lazarus Group Attack Identified After Operational Security Fail

• Women in CyberSecurity Calls for Participants for New Measuring Inclusion Workshops

• Warning: Hackers Actively Exploiting Zero-Day in Fortra’s GoAnywhere MFT

• Ransomware Attack On Data Firm ION Could Take Days To Fix

• The Cybercrime Ecosystem Knits a Profitable Underground Gig Economy

• Rivian To Axe 6 Percent Of Jobs, Amid EV Price War

• TrickGate: Malicious Software Outwitting Antivirus for 6 Years

• Prilex POS malware evolves to block contactless transactions

• ChatGPT May Already Be Used In Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research

• Cybersecurity Leaders Launch First Attack Matrix for Software Supply Chain Security

• Managing the Governance Model for Software Development in a No-Code Ecosystem

• Cisco Releases Security Advisories for Multiple Products

• Romance Fraudsters Have Stolen £65m from Brits Since 2020

• Ransomware attack halts London trading

• JD Sports: Data of 10 Million Customers at Risk

• A Nunavut Ransomware Incident Was Not Reported by Qulliq Energy

• LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 3, 2023

• Is malware abusing your infrastructure? Find out with VirusTotal!

• 2023-02-03 – DEV-0569: Google ad –> FakeBat Loader –> Redline Stealer and Gozi/ISFB

• MITRE CREF Navigator empowers enterprises to improve cyber resiliency strategies

• Trace3 integrates Deepwatch services into their solutions

• Drata Audit Hub unifies customer and auditor communication

• Apple, Google Urged To Remove TikTok From App Stores

• India’s Largest Truck Brokerage Company Leaking 140GB of Data

• How Do Threat Hunters Keep Organizations Safe?

• Key takeaways from ESET’s new APT Activity Report – Week in security with Tony Anscombe

• Romance fraud losses rose 91% during the pandemic, claims UK’s TSB bank

• Drupal Releases Security Update to Address a Vulnerability in Apigee Edge

• Atlassian’s Jira Service Management Found Vulnerable to Critical Vulnerability

• Here’s How to Avoid Reddit Frauds

• Bitwarden Users Attacked via Malicious Google Ads

• IBM X-Force Exchange Threat Intelligence Platform

• Samsung Unveils Premium Galaxy S23 Series

• NTT Partners with Palo Alto Networks to Deliver Managed Prisma SASE

• Commercial Initiatives for Partner Success – Breakaway 1=5

• John Eastman and the Limits of Bar Discipline

• How ChatGPT Could Drive A Viral Crypto Narrative

• Russia Blocked Encrypted Email Startup Skiff

• Clarity and Transparency: How to Build Trust for Zero Trust

• Building a secure and scalable multi-cloud environment with Cisco Secure Firewall Threat Defense on Alkira Cloud

• UK NCC Group To Cut Workforce By 7 Percent – Report

• Lifetime VPNSecure subscriptions are now just $39.99

• Cybersecurity Budgets Are Going Up. So Why Aren’t Breaches Going Down?

• New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

• Experts warn of two flaws in popular open-source software ImageMagick

• Civilian Harm Mitigation: An Opportunity for Values-Based U.S. Leadership at NATO

• New HeadCrab Malware Hijacks 1,200 Redis Servers

• Instant Checkmate – 11,943,887 breached accounts

• AI Transcription Service vs. Human Transcription: How to Decide?

• Credential Stuffing, Pig Butchering, Security Keys for Your Apple Account, and the New Mac mini – Intego Mac Podcast Episode 277

• The Chinese Spy Balloon Shows the Downsides of Spy Balloons

• Bitwarden’s Latest Update Takes Security to the Next Level

• ChatGPT Firm Trails Subscription Fee, Detection Tool

• Over 1800 Android Mobile App Web Injects for Sale on Hacking Forums

• Development Platform for Data Protection

• Sextortion Scams – How They Persuade and What to Watch for

• Record $3.8bn Stolen Via Crypto in 2022

• Discrepancies Discovered in Vulnerability Severity Ratings

• North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

• City Of London Traders Hit By Russia-Linked Cyberattack

• HeadCrab Malware Infects 1,200 Redis servers to Mine Monero

• Pro-Russian Hackers Target European Hospitals

• OAuth Explained: A Guide to Understanding What It Is and How It Works

• Super Bock says ‘cyber’ nasty ‘disrupting computer services’

• HeadCrab bots pinch 1,000+ Redis servers to mine coins

• The rise of multi-threat ransomware

• Cyberthreats facing UK finance sector “a national security threat”

• How the CISA catalog of vulnerabilities can help your organization

• Business Email Compromise attack imitates vendors, targets supply chains

Generated on 2023-02-05 23:55:25.853637

Liked it? Take a second to support IT Security News on Patreon!