IT Security News Daily Summary 2023-06-01

• Cyversity and United Airlines to Provide Cybersecurity Training Scholarships to Cyversity Members

• DNB Strengthens its Network Security Posture and Productivity With Ericsson Security Manager Solution

• How To Reduce Cost Overruns For AI Implementation Projects

• New bill proposes ‘made in China’ tags for mobile apps

• Federal vision to streamline cyber incident reporting expected this summer

• Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks

• Kaspersky Says New Zero-Day Malware Hit iPhones—Including Its Own

• Here’s what earnings from industry rivals mean for two Club names

• Why DMARC Is Failing: 3 Issues With DMARC

• Amazon Pays $30.8M to Settle Ring Spying & Alexa Privacy Lawsuits

• Generative AI: What Every CISO Needs to Know

• Damage assessment tool streamlines data collection for disaster prep, response, recovery

• Pharma Companies Fight Back Against Counterfeit Drug Sellers On Facebook

• What Is DMARC Email Security Technology?

• The Dark Side of DevSecOps and Why We Need Governance Engineering

• DMARC Setup & Configuration: Step-By-Step Guide

• Apps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spyware

• The Perfect Blend: Qdoba’s SASE Transformation

• Zero-day vulnerability in MoveIt Transfer under attack

• How Do I Reduce Security Tool Sprawl in My Environment?

• Jetpack WordPress Plug-in API Bug Triggers Mass Updates

• 1Kosmos BlockID available in AWS Marketplace

• Resecurity presents Digital Identity Product to protect digital identities

• Most people are aware of their data trails, but few know how to deal with it: Okta study

• VentureBeat Q&A: CrowdStrike’s Michael Sentonas on importance of unifying endpoint and identity security

• What state unemployment modernization pilots get right

• 10 Top Governance, Risk and Compliance (GRC) Tools for 2023

• Amazon To Discontinue Celebrity Voices For Alexa – Report

• Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace

• Sustained ‘Red Deer’ Phishing Attacks Impersonate Israel Post, Drop RATs

• New Relic launches Amazon Security Lake integration

• Cobalt Iron Compass NAS Protector simplifies management of NAS data

• WithSecure’s USB armory enables post-quantum cryptography in space

• Secureworks strengthens industrial cybersecurity with two new offerings

• Automation risks creating a two-tier workforce of haves and have-nots

• NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)

• 6 ways Amazon Security Lake could boost security analytics

• S3 Ep137: 16th century crypto skullduggery

• Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

• Where SBOMs Stand Today

• Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks

• Cracking the Code — How Machine Learning Supercharges Threat Detection

• The downside of frenemies

• BSA taps former chief acquisition officer as new procurement lead

• FTC charges Ring over ‘disregard’ for customer data security

• Ask Fitis, the Bear: Real Crooks Sign Their Malware

• Horabot Campaign Targets Spanish-Speaking Users in the Americas

• Announcing the Chrome Browser Full Chain Exploit Bonus

• Embracing Advanced Frameworks for Effective Vulnerability Management

• The role of cybersecurity in financial institutions -protecting against evolving threats

• The intersection of telehealth, AI, and Cybersecurity

• Mark Zuckerberg Announces Meta Quest 3 VR Headset

• How can Congress regulate AI? Erect guardrails, ensure accountability and address monopolistic power

• Satellite data could boost border security, disaster response

• How to determine exactly what personal information Microsoft Edge knows about you

• Void Rabisu’s RomCom Backdoor Reveals Shifting Threat Actor Goals

• Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security

• Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

• New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

• Uptycs integrates with Amazon Security Lake to provide telemetry across workloads

• CYTRACOM improves efficiency for MSPs with ControlOne platform updates

• Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!

• Nozomi and Cynalytica team to deliver security solutions to OT & IoT environments

• Palo Alto Networks CEO Nikesh Arora: We don’t see the demand for cybersecurity slowing down

• Risk: Everything Everywhere All at Once

• Ransomware Attacks Pose Significant Threats to the Security of Medical Devices

• Most CEOs Increasingly Prioritise Cybersecurity Over Economic Performance

• Ransomware attack on Biotech company exposes info of over 2.5 million patients

• Amazon fined $31 million over privacy breaches, including snooping on kids

• Decade-old critical vulnerability in Jetpack patched on millions of WordPress websites

• 6 ways Amazon Security Lake could boost data security

• Potential Backdoor in Gigabyte PCs Exposes Supply Chain Risks

• Watch Out For These ChatGPT and AI Scams

• Lazarus Hackers Exploit Windows IIS Web Servers for Initial Access

• VPN Split Tunneling: A Better VPN Option?

• Meta Warns It May Pull News Content In California

• Twitter Value Collapses After Fidelity Writedown

• Toyota Discloses New Data Breach Involving Vehicle, Customer Information

• Russia Blames US Intelligence for iOS Zero-Click Attacks

• Russia Says U.S. Accessed Thousands Of Apple Phones In Spy Plot

• Amazon To Pay $30.8M For Alexa And Ring Privacy Violations

• New Vulnerability Gives MacOS Users A Migraine

• War Crimes Evidence Erased By Social Media Firms

• Researchers Tell Owners To Assume Compromise Of Unpatched Zyxel Firewalls

• Stellar Cyber integrates with Amazon Security Lake to boost data processing and threat detection

• Safe Security unveils Cyber Risk Cloud of Clouds platform

• Code42 names Wayne Jackson to its Board of Directors

• Increasingly Sophisticated Cyberattacks Target Healthcare

• Five ways enterprises can stop synthetic identity fraud with AI

• SolarWinds Transforms Brand to Signify Ongoing Evolution, Portfolio Expansion, and Customer Empowerment

• Expanding Our Global Partner Program

• Cisco Acquiring Armorblox for Predictive and Generative AI Technology

• Top macOS Malware Threats Proliferate: Here Are 6 to Watch

• New Threat Intelligence Report Provides Actionable Intelligence Against Cyberattacks

• Threat Actors Exploit Qbot Malware: Evolving Tactics for Stealthy Attacks

• Meet Charlotte, CrowdStrike’s New Generative AI Assistant

• Dark Reading Launches Inaugural CISO Advisory Board

• Top MacOS Malware Threats Proliferate: Here Are 6 to Watch

• How Wazuh Improves IT Hygiene for Cyber Security Resilience

• Malicious PyPI Packages Using Compiled Python Code to Bypass Detection

• Operation Triangulation: iOS devices targeted with previously unknown malware

• Resecurity appoints Shawn Loveland as COO

• Syxsense partners with VLCM to provide customers with endpoint security and management solutions

• Threat actors can exfiltrate data from Google Drive without leaving a trace

• 10 Effective Strategies To Safeguard Your IoT Network From Threats

• An Overview of Cloud Cryptography

• Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks

• The Role of Automation in Streamlining DevOps Processes

• Mitiga warns free Google Drive license lacks logging visibility

• BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

• On the Catastrophic Risk of AI

• Amazon To Pay $30m Over Alexa, Ring Privacy Violations

• Dark Pink APT Group Compromised 13 Organizations in 9 Countries

• Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

• Adobe Inviting Researchers to Private Bug Bounty Program

• Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information

• Amazon Settles Ring Customer Spying Complaint

• Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics

• Zyxel firewalls under attack by Mirai-like botnet

• UK SMEs To Increase IT Investments In 2023

• PCI DSS 4.0 Requirements – Network Security Controls and Secure Configuration

• Critical Vulnerabilities Found in Faronics Education Software

• HMRC in New Tax Credits Scam Warning

• TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

• Amazon to Pay $31m After FTC’s Security and Privacy Allegations

• Zyxel Customers Urged to Patch Exploited Bug

• Widespread exploitation by botnet operators of Zyxel firewall flaw

• Champions League: How to stay safe while streaming matches

• N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT

• Do you know what your supply chain is and if it is secure?

• Hackers Exploit Barracuda Zero-Day Flaw Since 2022 to Install Malware

• Amazon Ring, Alexa accused of every nightmare IoT security fail you can imagine

• Navigating cybersecurity in the age of remote work

• Why organizations should adopt a cloud cybersecurity framework

• Ukraine war blurs lines between cyber-crims and state-sponsored attackers

• Cyber Attack on exams and its impact on ambulances

• Critical vulnerability in Gigabyte Motherboards discovered

• Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites

• Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

• Infosec products of the month: May 2023

• Phishing campaigns thrive as evasive tactics outsmart conventional detection

• Fighting ransomware: Perspectives from cybersecurity professionals

• Disaster recovery challenges enterprise CISOs face

• Sharing your business’s data with ChatGPT: How risky is it?

• API security: key to interoperability or key to an organization?

• XDR meets IAM: Comprehensive identity threat detection and response with Microsoft

• Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims

• [updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway

• CISA issues warning to US businesses: Beware of China’s state-sponsored cyber actor

• Microsoft gives Apple a migraine

• Financial services company OneMain fined $4.25 million for security lapses

• Feds, you’ll need a warrant for that cellphone border search

• FTC fines Amazon $25M for violating children’s privacy with Alexa

• AI has created areas so grey, you could write a song about it

• How OffSec’s Web Application Security Course Helps Technical Team Members Become Better Developers, Attackers, and Defenders

• A closer look at ID verification across state benefits applications

• IT Security News Monthly Summary – June

• IT Security News Daily Summary 2023-05-31

• Crypto Discord Communities Targeted by Malicious Bookmarks & JavaScript

• Never Use Credentials in a CI/CD Pipeline Again

• US deploys tech diplomacy to cultivate leadership in emerging fields

• DHS faces slow disaster response burdened by legacy systems, officials warn

• 8 best practices for securing your Mac from hackers in 2023

• Yet Another Toyota Cloud Data Breach Jeopardizes Thousands of Customers

• Experts warn of backdoor-like behavior within Gigabyte systems

• Decoding eBPF Observability: How eBPF Transforms Observability as We Know It

• Machine Learning Applications in the Cybersecurity Space

• Serious Security: That KeePass “master password crack”, and what we can learn from it

• British Healthcare System Accused Of Sharing Intimate Patient Details With Facebook Without Consent

• Can Cloud Services Encourage Better Login Security? Netflix’s Accidental Model

• The Right to Repair Is Law in Minnesota. California Should Be Next

• Debt ceiling politics could derail plans for modernizing unemployment benefits delivery

• MacOS ‘Migraine’ Bug: Big Headache for Device System Integrity

• Ways to Help Cybersecurity’s Essential Workers Avoid Burnout

• Shadow Data Concerns, Public Cloud Breaches Remain Sky-High: Here’s How Organizations Can Protect Themselves

• AI and China are ‘defining challenges of our time,’ CISA director says

• NASA team’s plan to decode UFO sightings hinges on better data

• Amazon Staff Walkout Over Environment, Return To Office Policies

• Draft AI Code Drafted Within Weeks – EU Official

• Phishing defense, one simulated email at a time

• Barracuda Email Security Gateways bitten by data thieves

• Barracuda zero-day bug exploited months prior to discovery

• Top 5 Application Security Tools & Software for 2023

• Organizations Warned Of Backdoor In Hundreds Of Gigabyte Motherboards

• Criminals spent 10 days in US dental insurer’s systems extracting data of 9 million

• How agencies can automate data extraction at scale

• Bitdefender GravityZone Security for Mobile provides protection against mobile attack vectors

• Rezilion Smart Fix improves software supply chain security

• Bitdefender Introduces GravityZone Security for Android, iOS, and Chromebook

• 10 ways to speed up your internet connection today

• The best VPN trials of 2023: Top VPNs to test for free

• 6 Best Bot Protection Solutions and Software for 2023

• Checkmarx Announces GenAI-powered AppSec Platform, Empowering Developers and AppSec Teams to Find and Fix Vulnerabilities Faster

• Investment May Be Down, but Cybersecurity Remains a Hot Sector

• Apple’s iOS 16.5 Fixes 3 Security Bugs Already Used in Attacks

• Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

• Warning! WordPress Plugin ”Gravity Forms” Vulnerable to PHP Object Injection

• Adding Chrome Browser Cloud Management remediation actions in Splunk using Alert Actions

• Vulnerability Summary for the Week of May 22, 2023

• Buy-Now-Pay-Later (BNPL) is Revolutionising the E-Commerce Landscape

• New Mexico trying to build and train new workforce for broadband expansion

• New “Migraine” Flaw Enables Attackers to Bypass MacOS Security

• New eID Scheme Gives EU Citizens Easy Access to Public Services Online

• Software Liability And Hard Truths Of Manufacturer Responsibility

• Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months

• Cyberwar Manufacturers Plot To Stay On Right Side Of US

• XFS Bug In Linux Kernel 6.3.3 Coincides With SGI Code Comebank

• Solar Panels at Risk of Cyber Attacks, warn Experts

• SeroXen RAT for sale

• Phishing-resistant MFA 101: What you need to know

• Twitter Sued By Janitors, As Musk Meets Chinese Officials

• Were you caught up in the latest data breach? Here’s how to find out

• SpinOk Trojan Compromises 421 Million Android Devices

• Virginia ABC officials say they’ve ‘automated’ liquor lotteries to prevent future errors

• Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards

• Chrome 114 Released With 18 Security Fixes

• IDSA: Only 49% of Firms Invest in Identity Protection Before Incidents

• Mirai Variant Opens Tenda, Zyxel Gear to RCE, DDoS

• A Roadmap for Becoming a Penetration Tester in 2023

• Here’s How Quantum Computing can Help Safeguard the Future of AI Systems

• Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

• Chinese Hacking of US Critical Infrastructure

• Salt Security Attains AWS Security Competency Status

• 3 ways to spot a malware-infected app on your smartphone

• Threatening botnets can be created with little code experience, Akamai finds

• Threat actors are exploiting Barracuda Email Security Gateway bug since October 2022

• PingSafe helps organizations securely deploy containers with KSPM module

• ConnectSecure enhances its cybersecurity platform with deep attack surface scanning and EPSS

• Someone is roping Apache NiFi servers into a cryptomining botnet

• Permit.io launches FoAz to give frontend developers the keys to security

• NYC’s Metropolitan Opera Faces Lawsuit for 2022 Data Breach

• The pros and cons of the debt deal for states and localities

• Focus Security Efforts on Choke Points, Not Visibility

• Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities

• Critical Firmware Backdoor in Gigabyte Systems Exposes ~7 Million Devices

• AI: the cause of the metaverse’s demise?

• AI Leaders Warn Of ‘Extinction’ Risk To Humans

• Shut Down Phishing Attacks – Types, Methods, Detect, Prevention Checklist

• Critical Jetpack WordPress Flaw Exposes Millions of Website

• XFS bug in Linux kernel 6.3.3 coincides with SGI code comeback

• Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor

• Swiss real estate agency Neho fails to put a password on its systems

• When the popular safeguarding tool is anything but

• PyPI Enforces the Usage of Two-factor Authentication for All Software PUBLISHES

• This Campaign Delivers Three Malware Via Pirated Software Videos On YouTube

• Many Gigabyte PC models affected by major supply chain issue

• Salesforce ‘Ghost Sites’ Expose Sensitive Corporate Data

• Netskope integrates with AWS to simplify security data management

• Zyxel patches vulnerability in NAS devices (CVE-2023-27988)

• PingOne Protect prevents account takeover

• Hitachi Data Reliability Engineering improves the consistency of business-critical data

• 1Password tightens the thumbscrews for users of the old version of the password manager

• Spyware Found in Google Play Apps With Over 420 Million Downloads

• Breaking Enterprise Silos and Improving Protection

• 6 Steps to Effective Threat Hunting: Safeguard Critical Assets and Fight Cybercrime

• Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass

• China Urges Japan To Drop Chip Export Restrictions

• Danni Brooke to Spotlight the Role of Women in Cyber at Infosecurity Europe 2023

• Nvidia Briefly Hits $1 Trillion Valuation

• Mirantis Lens Control Center simplifies secure Kubernetes deployments

• How APTs target SMBs

• MacOS Vulnerability Enables Hackers to Bypass SIP Root Restrictions

• Hackers Can Bypass Fingerprint Locks On Phones With BrutePrint Attack

• Investigating BlackSuit Ransomware’s Similarities to Royal

• Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery

• Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability

• Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks

• Cybersecurity Standards in the Banking Industry

• The Issue of Insider Threats: What you Need to Know

• Learn how to protect your company from cyberattacks for just $46

• Pentagon Cyber Policy Cites Learnings from Ukraine War

• Affiliate Marketing Meets Tech: Conferences Every Tech Geek Should Have On Their Radar

• How To Fulfil Your Dream Of Becoming A Digital Nomad In Australia

• Thinking straight in the SoC: How AI erases cognitive bias

• WordPress Rushes Out Jetpack Patch to Millions

• Centripetal Extends Innovative CleanINTERNET® Technology to the Cloud

• Dark Pink APT Group Expands Tooling and Targets

• RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

• Microsoft found a new bug that allows bypassing SIP root restrictions in macOS

• Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!

• Why performing security testing on your products and systems is a good idea

• UberEats to use 2000 AI powered robots for delivery by 2026

• The Transformative Power of Artificial Intelligence in Healthcare

• Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months

• The strategic importance of digital trust for modern businesses

• Attackers leave organizations with no recovery option

• Organizations are placing OT cybersecurity responsibility on CISOs

• Managing mental health in cybersecurity

• RaidForums – 478,604 breached accounts

• A.I. poses human extinction risk on par with nuclear war, Sam Altman and other tech leaders warn

• Kali Linux 2023.2 Released – What’s New!

• Spotlight on 2023 Dan Kaminsky Fellow: Dr. Gus Andrews

• BackBox Launches Cisco CIS Benchmark Automation Templates

• Discord Admins Hacked by Malicious Bookmarks

• Barracuda Networks patches zero-day vulnerability in Email Security Gateway

• Polish Credentials – 1,204,870 breached accounts

• 1. This crypto-coin is called Jimbo. 2. $8m was stolen from its devs in flash loan attack

Generated on 2023-06-01 23:55:24.759864