IT Security News Monthly Summary – June

• IT Security News Daily Summary 2021-05-31

• Swedish Health Agency discloses hacking attempts

• 
Video: Cobalt Strike & DNS – Part 1, (Sun, May 30th)

• Quick and dirty Python: nmap, (Mon, May 31st)

• Vectra: 10 most common threats for Azure AD, Office 365 customers

• Revisiting the NSIS-based crypter

• Denmark intel helped US NSA to spy on European politicians

• WWDC is One Week Away: Five Steps to Get Ready

• BrandPost: Veterans are Key to Filling the Cybersecurity Skills Gap

• Microsoft Creates Cybersecurity Council for the Public Sector in APAC

• Threat Actors Release Patient Data Stolen from New Zealand Hospitals to the Local Media

• Apple Rumored to Adopt OLED Displays in ‘Some’ iPad Models Starting Next Year

• CISA and FBI Warn of New Spearphishing Campaign Targeting Government Organizations and NGOs

• Microsoft asks all Asian Nations to collectively fight Cyber Threats

• Gen Z Y2K Fashion And Y2K Internet | Avast

• Brazil approves stricter legislation to tackle online crime

• Vulnerability Summary for the Week of May 24, 2021

• The DOD’s SWAT Team of Nerds

• Mini-LED Shipments for New MacBook Pro Models Expected in Third Quarter

• Expert Advice on New Crypto Scam Targeting Mobile Users

• Potentially Malicious Apps Your Kids May Use

• Strike First: The Benefits of Working With an Ethical Hacker

• Interpol Says 585 People Arrested in APAC Operation Against Cyber-Enabled Crime

• Interpol Thwarts Online Fraud Intercepting $83 Million Illicit Funds in the Asia-Pacific Region

• Imperva’s WAF Gateway 14.4 Protects Enterprises for the Post-COVID Era

• Gaining Insights Is Fundamental for API Security

• On the Taxonomy and Evolution of Ransomware

• 3 SASE Misconceptions to Consider

• 4 Ways CISOs Can Strengthen Their Security Resilience

• United States Memorial Day 2021

• Designing Zero Trust Endpoints

• US Nuclear Weapon Bunker Secrets Spill From Online Flashcards Since 2013

• Have I Been Pwned Teams With FBI, Gives Open Source Access To Code

• 3 arrested for smuggling over 250 Vietnamese migrants to Germany

• Password authentication is a mess. Here’s a system to replace it

• JBS Foods Shuts Down Due to Massive Cyberattack

• Danish Secret Service Helped US Spy on Germany’s Angela Merkel

• SonicWall Patches Command Injection Flaw in Firewall Management Application

• Kenyan Arrested in Qatar First Targeted by Phishing Attack

• S&P: Cyberattacks Could Trigger More Rating Actions on Banks

• Implications Of Russian Solarwinds Hackers New Email Attack On Government Agencies

• Russian Hackers Launch Major Cyberattack Through U.S. Aid Agency’s Email System, Microsoft Says

• Technology Blind Spots: Is Lack Of Visibility Leaving Your Business Exposed?

• More Businesses Adopting Encryption in the Last Year

• Amazon Devices Will Soon Share Internet with Neighbours

• New Zeeland’s Reserve Bank Taking Action to Respond to Data Breach Reports

• Siemens PLCs New Security Flaws Uncovered

• Cybercriminals Target Companies With New ‘Epsilon Red’ Ransomware

• An Advisory Issued by Carnegie Mellon University Warns Against the Vulnerability in Checkbox Survey

• Expert Advice on News that Fake Movie Streaming Service Leads to Malware

• Russia Phishing Attack On USAID, Other Human Rights Groups

• Russian Hacker Group Nobelium Attack U.S Gov Agencies By Targeting 3,000 Email Accounts

• The OSI Model and You Part 2: The Data Link Layer

• Can Your Business Email Be Spoofed? Check Your Domain Security Now!

• Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors

• Klarna Privacy Incident Was ‘Self-Inflicted Bug’, Experts Weigh In

• Epsilon Red Ransomware Goes After Unpatched Microsoft Exchange Servers

• Canada Post Disclosed Data Breach Due To Third-Party Ransomware Attack

• Half-Double Rowhammer Vulnerability Even Targets The Latest Chips

• Klarna Privacy Incident Was ‘Self-Inflicted Bug’

• 5 Free and Open Source Patch Management Tools for Your Company

• CISA-FBI Alert: 350 Organizations Targeted in Attack Abusing Email Marketing Service

• What Is a Supply Chain Attack?

• PCs Offer ‘Better Gaming Experience Than 100% of Mac Laptops,’ Intel Claims in Ongoing Anti-Apple Campaign

• May 2021 Web Server Survey

• The slow trend away from facial recognition technology

• US Proposes $750m For Federal SolarWinds Response

• US Sets Next Stage For $250bn Bill To Counter China Tech

• Activists Launch Action Against ‘Cookie Banner Terror’

• IT threat evolution Q1 2021. Mobile statistics

• IT threat evolution Q1 2021

• Apple Publishes 2021 Supplier Progress Report

• Russian Hackers Are Using  4 New Malware Families

• IT threat evolution Q1 2021. Non-mobile statistics

• Apple to ‘Add More Stores’ Around the World, Says SVP of Retail

• Scam Alert! Unsubscribe Spam Emails Used by Spammers to Confirm Legitimate Email Accounts

• 6 most common types of software supply chain attacks explained

• HITRUST explained: One framework to rule them all

• Amazon Introducing ‘Wellness Booths’ Into Warehouses

• ‘Twitter Blue’ Subscription Service Appears On App Stores

• Bitcoin Heads For Worst Slide In Nearly 10 Years

• Experts devised a new attack to bypass Microsoft PatchGuard

• A week in security (May 24 -30)

• BazaLoader Malware is Being Distributed by Hackers Using a Bogus Streaming Website

• Microsoft wants to unite APAC governments with cybersecurity council

• Phishing Victims are Urged to Send their Mailing Address to Hackers Posing as Walmart

• Where Should I Spend My Time? Looking at Verizon DBIR & Executive Order

• U.S. Critical Infrastructure: Addressing Cyber Threats and the Importance of Prevention

• A New Bug in Siemens PLCs Could Let Hackers Run Malicious Code Remotely

• Trying to register your antivirus in Windows Security Center?

• Tesla In-Car Cameras To Monitor Driver Awareness

• Welcoming the Dominican Republic Government to Have I Been Pwned

• Exposing Protonmail and Tutanota’s Illicit Abuse by Ransomware Gangs – A Compilation of Currently Active Ransomware-Themed Email Addresses – Part Two

• COVID-19 – Phishing attacks target employees that come back to the office

• Rethinking SIEM requires rethinking visibility

• Microsoft warns against the new Russian Cyber Attacks that targeted 150 US firms

• Suspected Ransomware attack shuts down JBS Meat Processing

• Best practices for securing the CPaaS technology stack

• The value of SD-WAN connectivity

• How colocation can improve TCO for the enterprise

• Facefish Backdoor Steals Login Credentials & Execute Arbitrary Commands on Linux Systems

• The Ministry of Internal Affairs of Russia will launch a program for recognizing deepfakes in the fall of 2022

• Organizations have seen an increase in device encryption

• Apple’s M1 Chip Has a Fascinating Flaw

• SeKVM: Securing virtual machines in the cloud

• AlmaLinux OS 8.4: A free open source alternative to CentOS

• SnapLogic Fast Data Loader simplifies cloud data warehouse loading

• A Road to a Consistent Encryption Strategy

• Elastic broadens support for osquery, the open source host instrumentation framework

• Amazon ECS Anywhere enables customers to run Amazon ECS on any infrastructure

• Covert channel in Apple’s M1 is mostly harmless, but it sure is interesting

• AI Could Soon Write Code Based on Ordinary Language

• Russian SolarWinds hackers launch email attack on government agencies

• Google Chrome will fix your hacked passwords with one tap

• FBI partners with ‘Have I Been Pwned’ on breached password database

• Bishop Fox appoints Patty Wright as SVP and GM of consulting

• IT Security News Weekly Summary – Week 21

• IT Security News Daily Summary 2021-05-30

• Lest We Forget, All Gave Some, Some Gave All

• Memorial Day Weekend Plans?

• BSides Canberra 2021 – Sean Yeoh’s, Patrick Mortensen’s, Michael Gianarakis’ And Shubham Shah’s ‘Context Aware Content Discovery: The Natural Evolution’

• Video: Cobalt Strike & DNS – Part 1, (Sun, May 30th)

• Intelligent Waves Appoints Six Senior Advisory Board Members in Support of Strategic Market Expansion

• SASE as a Service: The role of managed services in the world of network security convergence

• BSides Canberra 2021 – Jayden Rivers’ ‘Attacking The TCache In GLibc 2.32’

• If Boko Haram’s Leader Is Dead, What’s Next for Northeastern Nigeria?

• Interpol has intercepted $83 million from financial cyber crimes

• HPE Patches the Zero-Day Vulnerabiity in Systems Insight Manager Software for Windows

• These 2 attacks allow to alter certified PDF Documents

• US Says Agencies Largely Fended Off Latest Russian Hack

• Apple’s M1 Chip Has a Fascinating Flaw

• Chinese APT Threat Actors Hacking Pulse Secure VPN Devices Remotely

• Security Affairs newsletter Round 316

• YARA Release v4.1.1, (Sun, May 30th)

• Sysinternals: Procmon, Sysmon, TcpView and Process Explorer update, (Sun, May 30th)

• APT: China-Based Threat Group Attacks Pulse Secure VPNs

• FireEye: Transportation and Telecom Firms Being Hit in Chinese Espionage

• Facefish Backdoor delivers rootkits to Linux x64 systems

• Week in review: VMware critical updates, prevalent enterprise cybersecurity risks, 3 years of GDPR

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Penetration testing

• Apple’s Big Sur 11.4 Patches a Security Flaw that Could be Exploited to Take Screenshots

• Hackers Attack AnyDesk Using Malvertising Campaign With Evasion Technique

• Kaspersky detected a new method of cyber attacks on corporate data

• Stalkerware: What is being done to protect victims as the number of cases rises

• Western Digital UFS 3.1 enables storage for new apps in mobile, automotive and IoT industries

• Ignition partners with Siemplify to bring SOAR technology to MSSPs across the UK

• 3 Common Encryption Mistakes That Are Easy to Avoid

• Thales and Atos develop a sovereign big data and AI platform for defence and security

• Booz Allen and Databricks unify data and AI to meet federal agencies’ data challenges

• FBI will share compromised passwords with HIBP Pwned Passwords

• IT Security News Daily Summary 2021-05-29

• Secure Search is a Browser Hijacker – How to Remove it Now?

• Adversarial attacks in machine learning: What they are and how to stop them

• BSides Canberra 2021 – Christopher Vella’s ‘Easy LPEs And Common Software Vulnerabilities’

• Spear-phishing Email Targeting Outlook Mail Clients , (Sat, May 29th)

• US Soldiers Exposed Nuclear Secrets on Digital Flash Ccards

• Samsung Reportedly Begins Production of 120Hz Display for Upcoming iPhone 13 Pro Models

• BSides Canberra 2021 – Alex’s ‘Finding Tony Abbott’s Passport Number And Entering The Do Not Get Arrested Challenge 2020’

• XKCD ‘Astronomy Status Board’

• Jony Ive Was Involved in the New M1 iMac Design, Despite Leaving Apple in 2019

• Cryptocurrency trading bots: Strengthening Cybersecurity and minimizing risks

• Using Fake Reviews to Find Dangerous Extensions

• Security News in Review: SolarWinds Threat Group Launches New Phishing Campaign

• Memorial Day Accessory Deals: Shop and Save During Sales at Nomad, Anker, Twelve South, and More

• Fearing Data Breach, BBMP Shuts Down COVID-19 Test Data Collection Portal

• SonicWall Urges Customers to ‘immediately’ Patch NSM On-Prem Bug

• US Soldiers Exposed Nuclear Secrets on Digital Flashcards

• Top Stories: New MacBook Pro at WWDC?, iOS 14.6 Released, AirPods Rumors

• A Complete Malware Analysis Tutorials, Cheatsheet & Tools list for Security Professionals

• VMware Urges Patching Critical RCE Vulnerability In vCenter Server

• Hackers Exploited Fujitsu SaaS Targeting Japanese Govt Agencies In New Supply-Chain Attack

• New TSA Cybersecurity REQs for Critical Pipeline Owners/Operators

• Secure Access Service Edge (SASE) Helps Modernize Government IT

• Our Latest Open Source Innovation, Yor: Automated IaC Tag and Trace

• The Bizarro Streaming Site That Hackers Built From Scratch

• IoT Security: Why Food Industry Cyber Awareness Should Be Your Main Ingredient

• FBI says Attackers Breached US Local Govt After Hacking a Fortinet Appliance

• This Entertainment-Themed Campaign Installs Malware in User Computer System

• Researchers Demonstrate 2 New Hacks to Modify Certified PDF Documents

• ‘Build’ or ‘Buy’ your own antivirus product

• SonicWall fixes an NSM On-Prem bug, patch it asap!

• Week in security with Tony Anscombe

• What is data loss prevention?

• Hackers Exploited Fortinet Vulnerabilities to Gain Access of a U.S. Municipal Government Webserver

• How Gamification is Changing Cybersecurity

• El aumento de los ciberataques y su prevención: Caso Colonial Pipeline

• Databricks Delta Sharing protocol secures real time data sharing between organizations

• Protegrity now available in AWS Marketplace

• Egnyte integrates with Google and Dropbox to help companies secure their sensitive cloud content

• Material Security raises $40M to expand business operations and R&D

• Russian hackers launch major cyberattack on U.S. agencies, weeks before Biden-Putin summit

• MAR 10339794-1.v1 – Cobalt Strike Beacon

• Joint CISA-FBI Cybersecurity Advisory on Sophisticated Spearphishing Campaign

• Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

• Guardsquare appoints new CPO and VP of Engineering

• Trustwave expands senior leadership team with two new appointments

• Biden’s first budget ups cyber and tech spending; gives feds a 2.7% pay raise

• XDR and The Future Security Stack

• Apple Delays Launch of Podcasts Subscriptions Until June

• MSFT warns group behind SolarWinds cyberattack’s returned to target over 150 organizations

• Breaking down NOBELIUM’s latest early-stage toolset

• IT Security News Daily Summary 2021-05-28

• Chinese APT Groups Continue to Pound Away on Pulse Secure VPNs

• The SolarWinds Hackers Aren’t ‘Back.’ They Never Went Away

• Docker expands its trusted container offerings

• Apple Inks Deal for ‘The Big Door Prize’ From ‘Schitt’s Creek’ Writer

• Hackers Exploit Post-COVID Return to Offices

• Cisco Secure Firewall insertion using Cisco cAPIC in Azure

• CVE-2020-15782 flaw in Siemens PLCs allows remote hack

• How Have Information Operations Affected the Integrity of Democratic Elections in Latin America?

• US nuclear weapon bunker security secrets spill from online flashcards since 2013

• Imperva launches tool to automate enterprise data privacy compliance

• Nuclear Flash Cards: US Secrets Exposed on Learning Apps

• Blurred Satellite Images Make Rebuilding Palestine Harder

• FBI Update on Exploitation of Fortinet FortiOS Vulnerabilities

• How to Get Developer and Security Teams Aligned

• 2021 M1 iPad Pro vs. 2020 iPad Pro: Is It Worth Upgrading?

• Apple Patches Flaw That Allows Sneaky Screenshots | Avast

• Security Analytics Firm Uptycs Raises $50 Million

• Chart: Cloud Concerns

• Apple Wanted to Buy Rap-Battle Series ‘Verzuz’

• Online flashcard sites spill security details of US nuclear weapon bunkers since 2013

• SolarWinds attacker Nobelium targets over 150 companies in new mass email campaign

• Hackers Launch Cyberattack via U.S. Aid Agency Email Accounts

• BSides Canberra 2021 – Josh Johnson’s ‘Electronic Hardware Design’

• Grandchild of Rowhammer: ‘Half-Double’ Tactic Flips Farther Bits

• Memorial Day Apple Deals: Shop All-Time Low Prices on M1 MacBook Pro, Apple Watch Series 6, and More

• Nobelium Attack Highlights Risk of Exposed Credentials

• SolarWinds hackers using NativeZone backdoor against 24 countries

• Security automation for digital transformation

• MacRumors Giveaway: Win a Massive 2000Wh Bluetti Portable Power Station

• Autodesk CEO: Economic cycle in industries we serve has bottomed out

• Modern SOCs a ‘Painful’ Challenge Amid Growing Complexity: Report

• People of JumpCloud | Chase Doelling

• Review: The Chipolo ONE Spot is a Solid AirTag Alternative With Built-In Hole and Louder Sound

• Changes In Long Distance Relationships Online | Avast

• Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

• QuoLab Technologies Recognized for its Commitment to Enhancing Security Operations

• Asymmetrical threats in Cybersecurity

• Teaching kids internet safety tips for Zoom parties

• The group that hacked SolarWinds is out with a new campaign, Microsoft says

• Strategies for improving enterprise network management and security

• SolarWinds hackers resurface to attack government agencies and think tanks

• A Wrench and a Screwdriver: Critical Infrastructure’s Last, Best Lines of Defense?

• SolarWinds Attackers Impersonate USAID in Advanced Email Campaign

• Death by a Thousand Cuts: Chipping Away at Due Process Rights in HK NSL Cases

• Texas unemployment website hit by identity fraud Cyber Attacks

• MDM vs. MAM: What are the key differences?

• Fujitsu ProjectWEB Tool Used as a Doorway to Target Japanese Government Offices

• Researchers Warn of Facefish Backdoor Spreading Linux Rootkits

• Q1 2021 Threat Trends & Intelligence Report

• Microsoft warns of new hack by group behind SolarWinds attack

• AutoDesk CEO: Economic cycle in industries we serve has bottomed out

• How dangerous are deepfakes?

• How to hire right machine learning company

• Police Raid Bitcoin Mining Operation

• HPE Fixes Critical Zero-Day in Server Management Software

• Newly Disclosed Vulnerability Allows Remote Hacking of Siemens PLCs

• Siemens Patches Major PLC Flaw that Bypasses Its ‘Sandbox’ Protection

• SolarWinds Hackers Target Think Tanks With New ‘NativeZone’ Backdoor

• Five Practical Steps to Implementing a Zero-Trust Network

• What Is perfdump in Android?

• Enterprise Patch Management: What It Is and Why You Need It

• On the Anatomy of a DNS Attack – Types, Technical Capabilities, TTPs, and Mitigation

• What Is CERT in Security and Why Do You Need It?

• Your Cybersecurity is Only as Strong as Your Weakest Vendor

• How to Easily Set Up Mutual TLS

• Chinese Hackers Started Covering Tracks Days Before Public Exposure of Operations

• Resilience: RSA Conference 2021

• Boss of ATM Skimming Syndicate Arrested in Mexico

• Mozilla Launches Facebook Ad Campaign To Educate Users About How Facebook Collects Their Data

• 1st Referral Action Day Against Right-Wing Terrorist Online Propaganda

• Most Mobile Apps Can Be Compromised in 15 Minutes or Less

• Plug-ins for Code Editors Pose Developer-Security Threat

• Fujitsu’s SaaS Hack Affects Japanese Government

• SolarWinds Hackers Targeting Government Agencies Via Email

• Police Raid Cannabis Farm, Find Bitcoin Mine

• Russian Hackers Target Aid Groups Says Microsoft

• FBI Issues Warning About Fortinet Appliances After APT Group Hacks Local Government Office

• Fujitsu SaaS Hack Sends Government Of Japan Scrambling

• What Is the Outgoing Mail Server for Gmail and How to Configure It

• SolarWinds attackers launch new campaign

• Kubernetes Identity and Access Management Made Easier With D2iQ

• How the TMF can enable broad improvements across government

• Canada Post Says 950,000 Customers Hit by Breach at Supplier

• Industrial-scale cocaine lab uncovered in Rotterdam in latest Encrochat bust

• Solid Edge: Solid Modeling Software Affected by Vulnerabilities

• MORE THAN LIKELY, OR LESS THAN PROBABLE: IS A TRULY QUANTITATIVE SECURITY ANALYSIS POSSIBLE?

• Relativity acquires Text IQ to augment AI platform for lawyers

• Nobelium Phishing Campaign Poses as USAID

• DHS opens valve on new pipeline security requirements

• China-linked APT groups targets orgs via Pulse Secure VPN devices

• Kaspersky Security Bulletin 2020-2021. EU statistics

• What’s New at OffSec – May 2021

• Gurman: Apple Not Working on Second-Generation AirPods Max, But Has Considered New Colors

• Deals: First Amazon Discount Arrives for M1 11-Inch iPad Pro, Get 128GB Wi-Fi Model at $749 ($50 Off)

• Keeping Phishing Simulations on Track

• Newly Released Records Show How Trump Tried to Retaliate Against Social Media For Fact-Checking

• HEALTHCARE PRIVACY–BIGGER THAN JUST HIPAA

• FBI Shares IOCs for APT Attacks Exploiting Fortinet Vulnerabilities

• FBI Issues Flash Advisory on Conti Ransomware Attacks Impacting Healthcare and First Responder Networks

• WhatsApp’s Fight With India Has Global Implications

• WordPress compromises: What’s beyond the URL?

• Cyber Hygiene: An ounce of prevention is worth a pound of incident response

• Secure Workload and Secure Firewall – Unified Segmentation

• Gurman: Combined HomePod/Apple TV Device Remains in Early Development

• Kdan PDF Reader Review: A Convenient Alternative To The Leading PDF Editors

• What are the best wallets to secure your crypto?

• High-Profile Uyghurs Targeted by Chinese Hackers Impersonating UN Human Rights Council

• Building Multilayered Security for Modern Threats

• SolarWinds Hackers Impersonate U.S. Government Agency in New Attacks

• Gurman: AirPods Pro 2 With Fitness Tracking and Updated Motion Sensors Coming in 2022, AirPods 3 With ‘Pro’ Design to Launch Later This Year

• Openreach Doubles Rural Full Fibre Deployment Target

• SolarWinds Hackers Target Think Tanks With New Backdoor

• Are You Safe From Malicious Insider Threats By Remote Workers?

• The Misaligned Incentives for Cloud Security

• Gurman: AirPods Pro 2 With Fitness Tracking and Updated Motion Sensors Coming in 2022, AirPods 3 With ‘Pro’ Design Coming Later This Year

• FBI to Share Compromised Passwords with Have I Been Pwned

• Ongoing Nobelium Phishing Campaign Impersonates USAID, Microsoft Warns

• TSA’s pipeline cybersecurity directive is just a first step experts say

• Gartner’s Approach to Reduce your Data Center Costs

• Password breach service Have I Been Pwned goes open source

• Researchers find four new malware tools created to exploit Pulse Secure VPN appliances

• Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

• Apps Reportedly Limited to Maximum of 5GB RAM in iPadOS, Even With 16GB M1 iPad Pro

• Microsoft warns of new hacking group behind SolarWinds attack

• CIO Think Tank Roadmap Report: Reinventing IT

• Most cloud security problems breathe

• New Spyware Designed to Target the Uyghur Minority

• DHS Issues First Cybersecurity Regulation for Pipelines

• WhatsApp’s Encryption Fight With India Has Global Stakes

• Russian hackers launch major cyberattack through U.S. aid agency’s email system, Microsoft says

• Klarna’s Users Reveals Major Data Breach

• Trojanized AnyDesk Installer Found in Google Ads

• US Government Whips Pipeline Owners into Shape with New Cybersecurity Directive

• DubaiCoin: Dubai’s First Cryptocurrency Rose Over 100% Since its Debut

• Klarna Vulnerability Allowed 90 000 Users to See the Account Details of Other Customers

• 6 Tips To Choose The Best Bot Protection Solution

• New US CISO appointments, May 2021

• SolarWinds Hackers Target Government Agencies, NGOs, Microsoft Warns

• Quick Hits: May 28

• FCW Insider: May 28, 2021

• Canada Post disclosed a ransomware attack on a third-party service provider

• FBI Reveals APT Hackers Breached U.S. Local Government by Exploiting Fortinet Bugs

• How Hackers Steal Web Session Cookies From Facebook in Chrome?

• Army sends memo to remote workers reminding them of IoT security risks in-home

• FBI warns of Fortinet vulnerabilities

• Canada Post’s Data Breach Affected 950K Customers

• New TSA security directive is a needed shock to the system

• Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• Weekly Update 245

• Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices

• Code Itself Is a Growing Security Threat

• US Fuel companies should report cyberattacks to the government

• Microsoft Chief Brad Smith wants AI to be controlled by 2024

• I hacked my friend’s website after a SIM swap attack

• Supreme Court To Decide Scope of Federal Hacking Law

• New infosec products of the week: May 28, 2021

• Over 50,000 IPs Across Multiple Kubernetes Clusters Were Compromised by The TeamTNT Threat Actors

• Malicious PowerShell Hosted on script.google.com, (Fri, May 28th)

• Why cybersecurity products always defy traditional user reviews

• How businesses can protect their brands and bottom lines against damage from illegal robocalls

• It’s time to shift from verifying data to authenticating identity

• Hong Kong recorded phishing surge in 2020 as scum sought to cash in on viral worries

• TenSec 2019

• Exploiting Wi-Fi Stack on Tesla Model S

• Tencent Keen Security Lab joins GENIVI Alliance

• Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars

• Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars

• Resecurity Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021

• Stories from the SOC -SSH brute force authentication attempt tactic

• Moscow has completed a large-scale study on the security of 5G

• Application security not a priority for financial services institutions

• Identity crime victims struggling with financial, emotional and physical impacts

• Microsoft warns of current Nobelium phishing campaign impersonating USAID

• Professionals are burned out and in need of a break

• ISC Stormcast For Friday, May 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7520, (Fri, May 28th)

• AtScale CloudStart builds analytics infrastructure on cloud data platforms

• Securiti for Workday enables organizations to protect employee and financial information

• WhatsApp’s Fight With India Could Have Global Repercussions

• Elastic supports Microsoft Azure monitoring use cases with native Microsoft Azure console integration

• Stacklet Platform delivers frictionless governance that accelerates cloud adoption in large-scale environments

• eSafety prepares for Online Safety Act with AU$3m software pilot and 20 new staff

• Blue Hexagon delivers agentless cloud-native AI security at runtime for Google Cloud

• JFrog Private Distribution Network accelerates large-scale application delivery

• Microsoft Announces New Campaign from NOBELIUM

• Welcomed Progress: Cybersecurity Executive Order Aims to Improve Nation’s Cyber Posture

• Ransomware Detection and Mitigation Strategies in OT/ICS Environments

• A SOC Tried To Detect Threats in the Cloud … Your Won’t Believe What Happened Next

• IntSights enhances its platform to expand investigation capabilities and threat library

• Accelerating information availability to support mission-critical decisions

• DHS to issue new pipeline security regulations after Colonial attack

• Versa SASE delivers secure SD-WAN connectivity with Google Cloud NCC

• KubeSphere 3.1.0: Enabling DevOps teams to run Kubernetes workloads where and when they want

• 5 Top Cybersecurity Threats to Businesses

• FBI issues warning about Fortinet vulnerabilities after APT group hacks local gov’t office

• Updates to Alert on Pulse Connect Secure

• 3Cloud partners with Databricks to simplify data and AI workflows, improve collaboration

• New sophisticated email-based attack from NOBELIUM

• DataDome raises $35M to scale its global sales, marketing, delivery and R&D teams

• Uptycs raises $50M to expand the breadth of its cloud-native security analytics platform

• Pipeline operators now required to report cybersecurity threats to DHS

• As China plans new rules, automakers make plans to store car data locally

• An Inside Look at Cybercrime-as-a-Service

• WhatsApp’s Fight With India Could Have Global Repercussions

• Cobalt Iron granted a patent for dynamic authorization control based on conditions and events

• 1Password appoints Raj Sarkar as CMO

• Ashish Gupta joins LendingPoint as CRO

• Apple Watch Series 3 Owners Now Required to Perform Restore When Updating Due to Storage Constraints

• Twitter Confirms Plans for ‘Twitter Blue’ $2.99 Monthly Subscription Service

• Chile’s New “Who Defends Your Data?” Report Shows ISPs’ Race to Champion User Privacy

• Targeted AnyDesk Ads on Google Served Up Weaponized App

• Mobile app security best practices for 4 vulnerability types

• IT Security News Daily Summary 2021-05-27

• Tech can help, but clearance reciprocity is a policy issue

• Debunking infosec purity and other security myths in the wake of recent attacks

• ‘Have I Been Pwned’ Code Base Now Open Source

• APT hacked a US municipal government via an unpatched Fortinet VPN

• How Utah secures shared data

• Army wants teleworkers to switch off smart IoT devices

• Army reminds remote workers that in-home IoT devices pose security risks

• BazaLoader Attackers Create Fake Movie Streaming Site to Trick Victims

• Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse
  Secure VPN Devices

• Apple Teams Up With the University of Nevada, Reno to Give Every Freshman a Free iPad Air

• The Ransomware Problem Is a Bitcoin Problem

• Hackers used macOS 0-days to bypass privacy features, take screenshots

• Colonial Pipeline forked over $4.4M to end cyberattack — but is paying a ransom ever the ethical thing to do?

• Identity, credentials and behavior are critical to network protection

• Have I been Pwned goes open source

• Happy Birthday GDPR!

• Why May 2021 Represents a New Chapter in the “Book of Cybersecurity Secrets”

• National Security Agency (NSA)

• What Cybersecurity Can Learn From Video Games (Part II)

• 3 steps to zero-day threat protection

• Automatize sua rotina de TI com o recurso de fluxo de trabalho do OpManager

• 5 aspectos principais de rede para conformidade com a HIPAA

• U.S. Charges 22 in Stolen Payment Cards Crackdown

• Acronis: Pandemic Hastened Cloud Migration, Prompting New Security Issues

• Why this expert says to fight ransomware, we need to ban cryptocurrency

• Canada Post discloses data breach after malware attack

• DHS releases new cybersecurity guidelines for pipelines after Colonial attack

• Japanese Ministries Confirm Impact from Fujitsu Data Breach

• Apiiro wins RSA Conference Innovation Sandbox Contest

• DHS announces security measures for critical pipeline industry

• Kia Offers Free Apple Watch With EV6 Electric Car Purchase

• RMM software: What is it and do you need it?

• How to protect your enterprise applications against disruptions and downtime

• Amazon’s Jeff Bezos To Step Down 5 July

• Canadian Post discloses data breach after malware attack

• Scripps Health still grappling with impact of May 1 ransomware attack

• Homeland Security unveils new cybersecurity requirements for pipeline operators

• How to enable SSH 2FA on AlmaLinux for more secure logins

• Let’s Stop Blaming Employees for Our Data Breaches

• Falsifying and weaponizing certified PDFs

• Apache Spark plays in the NetApp data analytics playground

• DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture

• Edge DNS Secondary Implementation: Order of Operations for NS Zone and Registrar Records

• BSides Canberra 2021 – “BSidesCbr 2021 Announcement”, CSides October 2020

• How Indusface Is Helping Enterprises Manage Certificates?

• Why A ‘Layers And Lists’ Approach To Cybersecurity Is Doomed To Fail

• Ways to setup Squid proxy server and helpful tips

• What is a trusted advisor?  …and why do I need one?

• How Menlo Uses Isolation to Secure Mobile Devices in the Cloud

• The Privacy Act Project: Revisiting and Revising the Privacy Act of 1974

• Why adopt a data-centric solution for data privacy?

• Watch CNBC’s full interview FireEye CEO Kevin Mandia

• FireEye CEO on growth and outlook for cybersecurity sector

• SolarMarker Backdoor Pretends to be Legit PDFescape Installer

• Healthcare service faces test of willpower with Ransomware authors

• Japan government servers hacked and data stolen

• How to Erase or Wipe Sensitive Files From Hard Drive

• CMMC assessor training expected in late summer

• How to achieve persistent SSH connections with the open source MOSH

• Social Media Giants Seek Futher Extension in Deadline to Comply with Government Rules

• NASA identified 1,785 cyber incidents in 2020

• Disrupting Adversary Behavior with Recorded Future and MITRE ATT&CK

• Dominos India Admits Data Breach After Hackers Upload Stolen Data For Sale

• German Police Investigate Possible Arson At Tesla’s Gigafactory

• After Colonial attack, TSA issues new cyber regs for pipelines

• Singapore sends out drones to watch over reservoirs

• DataDome Raises $35 Million for Its Anti-Bot Solution

• One BazarLoader Call Center that Installs Malware: A Deeper Look into Its Operations

• Microsoft’s Nadella Hints At Significant Windows Update

• Docker launches Verified Publisher program to boost container security for devs

• Rowhammer reach extended for new attack method

• Drupal Releases Security Updates

• Pwned Passwords, Open Source in the .NET Foundation and Working with the FBI

• Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer

• XDR: Moving Beyond the Limits of SIEM and SOAR

• How remote work forced the enterprise’s hand at cybersecurity

• Apple’s Wearables Shipments Increasing, but Losing Market Share to Smaller Competitors

• 87% Of UK Consumers Believe Their Devices Are Being Listened To Without Permission, And Half Don’t Know How To Op-out Of Data Sharing

• Canada Post Discloses Data Breach

• Belgian Government Hacked By Foreign Power; Did Microsoft Let The Belgians Down?

• OnlyFans Fails to Prevent Children from Selling Explicit Videos

• Japanese Government Agencies Suffered Data Breaches

• What to do after a Ransomware Attack?

• Half-Double – Google Discovered A Critical Memory Chip Based Rowhammer Vulnerability

• Vulnerabilities in Visual Studio Code Extensions Expose Developers to Attacks

• US Pipelines Ordered to Increase Cyber Defenses After Hack

• British Police Arrest Eight People in Smishing Fraud Case

• Prevention Is the Only Cure: The Dangers of Legacy Systems

• Going on-premise with SecureX orchestration remote

• Sensor-Shift Camera Stabilization Still Expected on All iPhone 13 Models

• National Crime Agency Report Ranks Ransomware as Major Crime

• Canada Post Notifies 44 Large Commercial Customers Of Data Breach

• Ford Focus RS (Potentially For Sale)

• Team builds first hacker-resistant cloud software system

• Twitter Concerned For Staff Safety, Alleges ‘Intimidation Tactics’ By Indian Police

• 22 people indicted on malware, credit card fraud charges

• Wrapping Up a Year of Infamous Bazar Campaigns

• What ‘cross-cloud’ architects need to know

• Fujitsu SaaS Hack Sends Govt. of Japan Scrambling

• Facebook Adapts Defenses as Deception Campaigns Go Stealth

• Deals: Save Up to $34 on Apple’s 10.2-Inch iPads, Starting at $299 for 32GB Wi-Fi

• New Rowhammer Attack Technique Discovered by Google

• Security by Design and NIST 800-160, Part 4: Technical Processes From ‘Go’ to Disposal

• Cryptocurrency scam attack on Twitter reminds users to check their app connections

• Bose Reveals Data Breach After Ransomware Attack

• Japan Expects Russian Cyberattacks on Tokyo Summer Olympics

• Data Wiper Malware Disguised as Ransomware Targets Israeli Entities

• NASA Identified Over 6,000 Cyber Incidents in Past 4 Years

• Why Evaluating Cybersecurity Prior to Mergers and Acquisitions is Necessary

• “Unpatchable” vuln in Apple’s new Mac chip – what you need to know

• Biden-Putin Summit Tensions: Feds Say Russia A Hacker Safe Haven

• U.S. Announces New Security Directives For Pipelines After Hack

• PDF Feature Certified Widely Vulnerable To Attack

• Hackers Posing As The United Nations Hacked Uyghur Muslims

• Cybereason CEO told the world about DarkSide’s hacking techniques from a bomb shelter in Israel

• WhatsApp Allegedly Sues Indian Government Over New Privacy Rules

• OnePlus Co-Founder Carl Pei’s Twitter Account Hacked in Crypto Scam

• M1RACLES Bug Impacts Apple M1 Chips

• A Never-Before-Seen Wiper Malware Is Hitting Israeli Targets

• Cyber Diplomacy – a course from UN Office for Disarmament Affairs

• Six Key Characteristics of a Modern ZTNA Solutions

• Perform simple security tests yourself – using Metasploit Framework and nmap

• Hackers compromised Japanese government offices via Fujitsu ‘s ProjectWEB tool

• Sony Bringing PlayStation Video Game Franchises to Mobile by March 2022

• Expert Reaction On Japanese Government Agencies Suffer Data Breaches After Fujitsu Hack

• Trusting Remote Work Security in Higher Education

• Criminals love cryptocurrencies. Should you?

• This phishing attack is using a call centre to trick people into installing malware on their Windows PC

• Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues

• Fujitsu pulls ProjectWEB tool offline after apparent supply chain attack sees Japanese infosec agency data stolen

• ExtraHop Explains How Advanced Threats Dominate Threat Landscape

• 6 Tips For Controlling Third-Party App Ransomware Threats In K-12

• Bluetooth Vulnerabilities Allow Impersonation Attacks on Devices

• Cloud Security Risk: How to Address Common Threats with Continuous Monitoring

• Email Protection Firm Material Security Raises $40 Million

• The Story of the 2011 RSA Hack

• AHRC: ‘High-Risk’ Facial Recognition Should Be Banned

• It’s Official: (ISC)² Security Congress is Back for the 11th Year in a Row!

• Uber Recognises GMB Trade Union In Historic Move

• Your May 2021 Security Intelligence Roundup: The DarkSide Ransomware Attack, Better Zoom Meetings, and How To Secure OpTech

• Siemens Addresses Code Execution Vulnerabilities Found in Popular CAD Library

• Apple Offers Deeper Look into Stephen King’s ‘Lisey’s Story’ Coming to Apple TV+ June 4

• Kali Linux team releases Kaboxer, a tool for managing applications in containers

• Digital Equity In Education | Avast

• Minority report: Fake human rights documents and websites used in cyberattacks targeting Uyghurs, a Turkic ethnic minority in China

• Fake human rights organization, UN branding used to target Uyghurs in ongoing cyberattacks

• Big changes to 1Password in the browser as it adds biometric unlocking

• EU Privacy Groups Set Sights on Facial Recognition Firm

• Research Reveals More Than 2000 Chrome Extensions Disabled Security Headers

• Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack

• Hackers Using Fake Foundations to Target Uyghur Minority in China

• All your Base are…nearly equal when it comes to AV evasion, but 64-bit executables are not, (Thu, May 27th)

• Gmail to Let Users Save Image Attachments Directly to Google Photos

• Apple Improves Developers Forum Ahead of WWDC

• Facebook Lifts Ban On Man-made Covid-19 Posts

• WhatsApp Filed a Lawsuit Against Indian Govt “Gov Rules Would Break End-to-end Encryption”

• WhatsApp’s New Privacy Policy: A Quick Look

• Apple Releases iOS 14.6, watchOS 7.5, macOS 11.4 and More, with Many Security Fixes

• M1s Everywhere – Intego Mac Podcast Episode 189

• Belgium Interior Ministry Fell Prey To ‘Sophisticated’ Cyber Attack

• Credential stuffing explained: How to prevent, detect, and defend against it

• Human Rights Commission calls for a freeze on ‘high-risk’ facial recognition

• Check Point Research: Asia Pacific experiencing a 168% year on year increase in cyberattacks in May 2021

• New Iranian Group ‘Agrius’ Launches Destructive Cyberattacks on Israeli Targets

• 1Password on the Web Gains Touch ID Support, Dark Mode, and More

• Scammers Pose as Celebrities To Swindle Black Lives Matter Donors

• Crypto fraud on social media is rife

• Imperva Data Privacy protects and reports on personal data across all data assets

• Open-source tool Yor automatically tags IaC resources for traceability and auditability

• iOS 14.6 and macOS Big Sur 11.4 arrive with new audio features and more

• China will likely ban all bitcoin mining soon

• This massive phishing campaign delivers password-stealing malware disguised as ransomware

• Malware caught using a macOS zero-day to secretly take screenshots

• Japan’s biggest dating app hit by major cyberattack

• Various Japanese government entities had data stolen in cyber attack: Report

• M1RACLES, the unpatchable bug that impacts new Apple M1 chips

• VSCode Extension vulnerabilities could lead to cyberattacks on the supply chain

• Which? gives banks deadline on disclosing fraud refund rates

• Want to add antivirus to your existing portfolio?

• Everyone Wants to Build a Cyber Range: Should You?

• Japan predicts hacker attack on Tokyo Summer Olympics by Russian hackers

• Could Network Security Be Key to Ideal UX?

• Three Things Holding Back Cloud Security

• €45 million worth of heroin concealed in marble shipment seized in Romania

• Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks

• How Biden’s EO Impacts Cybersecurity Players

• Executive Protection Needs to Include Digital

• Contactless Passwordless Auto Login

• Zeppelin ransomware gang is back after a temporary pause

• French intel found flaws in Bluetooth Core and Mesh specs

• Multiple Bluetooth Vulnerabilities Allowed Spoofing Legit Devices – Update Now

• Bluetooth bugs could allow attackers to impersonate devices

• Google to influence doctor decisions in the USA with AI-driven patient data

• Congress to review Federal Cyber Terrorism Risk Insurance Program

• The evolution of the modern CISO

• Adding complexity through simplification: Breaking down SASE

• What’s Next for Cybersecurity Workers? You Tell Us.

• Defending the client-side attack surface

• The state of enterprise preparedness for ransomware attacks

• Code Execution Flaw in Checkbox Survey Exploited in the Wild

• The Cybersecurity Executive Order: Why CMMC May Be the One Standard to Rule Them All

• Enterprise networks vulnerable to 20-year-old exploits

• Audio Tech Giant Bose Disclosed Ransomware Attack

• Tripwire Patch Priority Index for May 2021

• A Fifth of IT Decision-Makers Not Confident in Their OT System Security, Reveals Survey

• Quantum computing investments on the rise

• API Security Weekly: Issue #135

• ISC Stormcast For Thursday, May 27th, 2021 https://isc.sans.edu/podcastdetail.html?id=7518, (Thu, May 27th)

• 1Kosmos Passwordless Identity Package provides a scalable passwordless authentication solution

• NetWitness Cloud SIEM delivers cloud-based threat detection and response

• Augmentt Engage optimizes SaaS management and SaaS security for MSPs

• Red Hat JBoss EAP on Azure enables the migration of Java applications to cloud environments

• Colonial Pipeline attack used to justify Australia’s Critical Infrastructure Bill

• ZeroFOX launches App Library to provide integrated external threat intelligence and protection

• Nexusguard unveils anti-DDoS protection program for CSPs

• Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

• Top Four Reasons for Data Loss from Databases (and what to do about it)

• HID Global delivers a redesigned ePassport solution to Republic of Estonia

• Twilio expands IoT portfolio by offering Super SIM for eSIM/eUICC devices

• Microsoft to drive Italy’s digital transformation with defense partner

• Backblaze B2 Cloud Storage platform delivers enhanced security and performance upgrades

• Adaptiva adds new capabilities and health checks to its Endpoint Health product

• Apple Patched Three Actively Exploited Zero-Day Bugs In macOS/tvOS

• Alaska Health Department Site Went Offline After Malware Attack

• OpManager facilita el monitoreo de redes Windows

• Extreme Networks announces ExtremeCloud IQ CoPilot to empower taxed network administrators

• Veeam expands its single platform to protect and manage all workloads

• Biden-Putin summit tensions: Feds say Russia a hacker ‘safe haven’

• Biden’s first cyber EO deadline is here. What will change?

• AWS plans to open infrastructure region in the UEA

• CloudLinux provides Linux support services for Department of Defense

• Virsec expands executive team to further drive business acceleration

• Elastic expands partnership with Microsoft to help customers consolidate and secure their data

• European Court on Human Rights Bought Spy Agencies’ Spin on Mass Surveillance

• Chris Brazdziunas joins Securonix as Executive VP, Head of Product Engineering

• CoSoSys appoints new CTO and CMO

• NITAAC releases long-awaited RFP for $50 billion CIO-SP4

• How hot is it? Communities collect heat data

• What the data says about phone use while driving

• Enterprises Applying OS Patches Faster as Endpoint Risks Grow

• Reduce the noise to strengthen agency cybersecurity defenses

• Is it really the Wild West in cybercrime? Why we need to re-examine our approach to ransomware

• New Facebook Report Reveals Growth Of Fake Accounts, Foreign Influence Campaigns

• Vishing Attacks Are on The Rise

• LeBron James Spotted Wearing Unreleased Beats Studio Buds

• IT Security News Daily Summary 2021-05-26

• Token Resistance: Tackling the New NFT Threat Landscape

• VA lowballed health record modernization costs, watchdog says

• US agencies lack supply chain best practices post-SolarWinds

• Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT

• Google Discovers New Rowhammer Attack Technique

• DarkSide will be back, as Russia, China, Iran create ‘safe havens’ for hackers: Feds

• Ryuk Ransomware Operators Shift Tactics to Target Victims

• The Cybersecurity Ecosystem: How Did It Get So Crowded?

• PDF Feature ‘Certified’ Widely Vulnerable to Attack

• Zscaler Buys Deception Technology Startup

• Apple Faces Criticism Over Its Cooperation With China

• VMware Sounds Ransomware Alarm Over Critical Severity Bug

• US Exchanges Offer a Rich Potential Target for Hackers

• How user experience is shaping verifiable credentials and identity

• Russian admin of cybercrime marketplace Deer.io jailed in US

• Cisco: Reduced Complexity in the SOC Improves Enterprise Security

• Halide Developer Highlights Hidden Macro Camera Feature in 2021 iPad Pro

• Bank of England Head Warns Cryptocurrencies Are Dangerous

• Who is DarkSide—The Group Behind the Colonial Pipeline Breach?

• BrandPost: Simplifying Security Across Hybrid Clouds, Multi-clouds and for the Cloud On-ramp with Secure SD-WAN

• BazaLoader Masquerades as Movie-Streaming Service

• French police seized dark web marketplace Le Monde Parallèle

• AliveCor Files Antitrust Suit Against Apple for Preventing Third-Party Irregular Heart Rhythm Analysis on Apple Watch

• What is encryption? And why it matters in a VPN

• Cyber Cyber, Burning Bright: Can XDR Frame Thy Fearful Asymmetry?

• Bug Bounties and the Cobra Effect

• CPDP 2021 – Moderator: John Edwards ‘A Path To Empowering User Choice And Boosting User Trust In Advertising’

• XKCD ‘Wikipedia Caltrops’

• Introducing Security By Design

• How Are Cyber Insurance Companies Assessing Ransomware Risk?

• Introduction of Recently Retired OSCP Exam Machines in PWK Labs

• Vulnerability In VMware Product Has Severity Rating 9.8 Out Of 10

• Cloud (Mis)Configuration: What Do You Need to Consider?

• The rise of QakBot

• SASE as a Service: The role of managed services in the world of network security convergence

• Password security tips and best practices for enterprises

• Tesla To Drop Radar And Use Camera-based Autopilot

• S3 Ep34: Apple bugs, scammers busted, and how crooks bypass 2FA [Podcast]

• Devo: SIEM Continues to Evolve with Tech Trends and Emerging Threats

• 5 Steps in Your CMMC Compliance Checklist | Apptega

• Lessons From Contact-Tracing and Exposure-Notification Apps

• Australia Real Estate Domain warns users of a Cyber Attack

• Data Wiper Malware Disguised As Ransomware Targets Israeli Entities

• Google discovered a new variant of Rowhammer attack dubbed Half-Double

• Apple Looking for a Manager With Experience in Cryptocurrency

• Amid Systemic Censorship of Palestinian Voices, Facebook Owes Users Transparency

• Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats

• The Impact of Flawed Pseudorandom Number Generators in Network Devices

• The Benefits and Drawbacks of Geo-Restrictions

• Security Risks That Ecommerce Businesses Face and How to Avoid Them

• This weird memory chip vulnerability is even worse than we realised

• Salt Security Raises $70 Million in Series C Funding

• Virtual Event Keynote: John Lambert, Microsoft Threat Intelligence Center

• Plaintext Passwords of 8.3 Million Users Leaked in a DailyQuiz Data Breach

• How to Hide Like and View Counts on Instagram Posts

• What Is a Server Monitoring System?

• The VC View: Identity = Zero Trust for Everything

• VMware Urges Customers to Immediately Patch Critical vSphere Vulnerability

• Apple Patches Zero-Day XCSSET Exploit

• New Disk Wiping Malware Targets Israel

• What Is EMM (Enterprise Mobility Management)?

• Over 60% of Organizations Say Would Not Pay Attackers

• About the Garmin Ransomware Case: Here’s What Happened

• Amazon Buys James Bond Studio MGM For $8.5bn

• Pros and Cons of SOC – Outsourcing Concept

• 11 Best Practices To Secure Your WooCommerce Store

• firewall

• Messaging Apps: The Latest Hotbed in the Fraud Ecosystem

• As Chips Shrink, Rowhammer Attacks Get Harder to Stop

• VMware Releases Security Updates

• Google Releases Security Updates for Chrome

• Flubot Threat Bulletin – Allot blocks 100M C&C connection attempts

• Security automation for digital transformation

• Amazon to Acquire MGM for $8.45 Billion Amid Competition With the Likes of Netflix and Apple TV+

• App Store Scam App Required a Good Review to Function at All

• The Central Bank Digital Currency Is Now A Reality: Payment Card Security Needs To Catch Up

• Expert Insight On StrRAT Malware Disguised As Ransomware

• Private browsing vs VPN – Which one is more private?

• AIs and Fake Comments

• Deals: Get Apple’s 512GB 27-Inch iMac for Lowest Price of $1,699.99 ($299 Off)

• Expert Advice on New FCA Rule to Implement Strong Customer Authentication

• Azure Synapse Analytics – New Insights Into Data Security

• Killing Cloud Security Misconceptions: Common Vulnerabilities and Exposures (CVEs)

• Ransomware: Dramatic increase in attacks is causing harm on a significant scale

• North Korean Takes the Lead in Cyberwarfare

• New Rowhammer Attack Variant Out

• Critical RCE Vulnerability Discovered in VMware vCenter Server

• Steam Used in a New Type of Phishing Attempt

• ‘World’s Leading Bank Robbers’: North Korea’s Hacker Army

• Spikes in automated fraud attempts hit thousands of e-commerce websites in 2020

• New Iranian Threat Actor Using Ransomware, Wipers in Destructive Attacks

• WhatsApp Sues Indian Government Over New Internet Regulations

• Q1 2021 Threat Trends & Intelligence Report

• VMware Discloses Severe Vulnerabilities That Need ‘Immediate Attention’

• WhatsApp Sues Indian Government Over Surveillance Law

• Securing my house with Ubiquiti’s UniFi Protect range

• How to delete your Twitter account: the deactivation process

• Cybersecurity monitoring and threat prevention startup Uptycs raises $50M

• FCW Insider: May 26, 2021

• Quick Hits

• NASA Intends to Reorganize its Cybersecurity Strategy

• Russian Hydra Made Over $1.3 Billion Last Year

• Belgium Hacked, Most Likely by China

• Scalable Security with Cisco Secure Firewall Cloud Native

• Zoom Adds Support for iPad Pro’s New Center Stage Feature

• How Hidden Vulnerabilities will Lead to Mobile Device Compromises

• How dangerous are deepfakes?

• Bluetooth bugs open the door for attackers to impersonate devices

• Half-Double: Google Researchers Find New Rowhammer Attack Technique

• Welcoming the Trinidad & Tobago Government to Have I Been Pwned

• ‘The Me You Can’t See: A Path Forward’ Town Hall Conversation Coming to Apple TV+

• Five Practical Steps to Implementing a Zero-Trust Network

• Belgium’s Interior Ministry uncovers 2-year-long compromise of its network

• Your Next Cybersecurity Hire May Already Be in Your Organization

• API vulnerability detection firm Salt Security raises $70M

• A Peek Inside the Underground Ransomware Economy

• ‘Privateer’ Threat Actors Emerge from Cybercrime Swamp

• Google Patches 32 Vulnerabilities With Release of Chrome 91

• Orange: Your Leaky Security is Coming from Inside the House!

• Managing Cloud Storage Limits in K-12 Schools

• Belgium Interior Ministry said it was hit by a sophisticated cyber attack

• Some New Apple TV 4K Users Report 4K Content Incorrectly Labeled as HD

• Apple TV 4K Very Easy to Repair but Siri Remote Battery Difficult to Replace, Teardown Shows

• Ransomware attribution: Missing the true perpetrator?

• What to do about open source vulnerabilities? Move fast, says Linux Foundation expert

• Google Approved To Build Mega Campus In San Jose

• Transform Your Data Center and Network Security to Support Distributed Cloud Apps and Remote Workers at the Edge

• Rising Cyberattacks in West Highlight Vulnerabilities

• Apple Fixes macOS Zero Day Vulnerability, Abused by XCSSET macOS Malware

• Agrius Iranian Hacking Group Targets Israel

• Russian national jailed for running stolen data, hijacked account seller platform deer.io

• Apple just fixed a security flaw that allowed malware to take screenshots on Macs

• Another critical bug impacts all VMware vCenter Server installs

• VMware fixes critical vCenter Server RCE vulnerability, urges immediate action (CVE-2021-21985)

• Hydra Cryptocurrency Transactions Reached $1.37bn in 2020

• 180 Million Clients’ Data Was Exposed Following a Cyberattack Targeting Domino’s India

• 13 Vulnerabilities in Nagios Server Let Hackers Compromises The IT Infrastructure

• Kaspersky Security Bulletin 2020-2021. EU statistics

• New Apple Via del Corso Retail Store in Rome, Italy Opens May 27

• VMware fixes critical vCenter Server RCE vunerability, urges immediate action (CVE-2021-21985)

• Critical Flaw Is Impacting All vCenter Server Deployments, VMware Alerts

• Amazon Sued By Washington DC’s Attorney General

• European Court Rules GCHQ Mass Surveillance Powers Violated Human Rights

• Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign

• How to prepare for the demise of Windows NT LAN Manager

• 5 best practices for conducting ethical and effective phishing tests

• FBI Issues Flash Advisory on Conti Ransomware Attacks Impacting Healthcare and First Responder Networks

• WhatsApp Sues Indian Government Over New Privacy Threatening Internet Law

• Apple Shortcuts With Multiple Actions Reportedly Run Faster in iOS 14.6

• NSA Edward Snowden criticizes British govt for spying on citizen communication

• Salary of the Director of National Cyber Security Centre

• Mission Secure is Newest Competitor in 2021 ‘ASTORS’ Awards Program

• Agrius – The Iranian Hacking Group Targets Israel Using Data Wipers

• JSWorm: A Notorious Ransomware

• VMware issues critical patch on vCenter Server installs

• Almost half of British organisations aren’t reporting data breaches, Crowdstrike finds

• Is Your ZTNA Vendor Really Zero-Trust?

• Recent ransomware attacks prompt action from two-thirds of companies

• Entrust Remote Signing Service provides verified employee identities and strong authentication

• Looking for adding new detection technologies in your security products?

• Social Media And Online Reputation | Avast

• In-person cybersec training? Yes, it’s back on the agenda this year

• Breach Clarity Weekly Data Breach Report: Week of May 24

• Google Researchers Discover A New Variant of Rowhammer Attack

• Apple Supplier TSMC Reportedly Begins Production of A15 Bionic Chip for iPhone 13

• Contract killer: Certified PDFs can be secretly tampered with during the signing process, boffins find

• Apple fixes macOS zero‑day bug that let malware take secret screenshots

• Top 20 Fastest Growing Cybersecurity Companies in Q1 2021

• Agrius group targets Israel with data-wipers disguised as ransomware

• Measuring impact beyond a single incident

• Court finds GCHQ breached citizen’s privacy with its bulk surveillance regime

• Russian Hydra DarkNet Market Made Over $1.3 Billion in 2020

• Apple Set to Surpass Samsung as Largest Purchaser of AMOLED Displays in 2021

• Why is patch management so difficult to master?

• Four proactive steps to make identity governance a business priority

• Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!

• Label standard and best practices for Kubernetes security

• More Than Likely, Or Less Than Probable: Is a truly quantitative security analysis possible?

• (ISC)² Supports NIST Encouragement of Inclusive Cybersecurity Terminology

• AWS IAM security explained

• Stalkerware: What is being done to protect victims as the number of cases rises

• Anti-money laundering regulation for all crypto exchanges on Austrac’s wish list

• The sharp drop of the cryptocurrency provokes cyber fraudsters

• Enhancing cyber resilience in the oil and gas industry

• Cybersecurity leaders lacking basic cyber hygiene

• How do we decide whether or not to trust AI systems?

• Anit-money laundering regulation for all crypto exchanges on Austrac’s wish list

• 2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

• ISC Stormcast For Wednesday, May 26th, 2021 https://isc.sans.edu/podcastdetail.html?id=7516, (Wed, May 26th)

• Imperva introduces Serverless Protection to secure serverless computing functions

• Onfido Face Authenticate enables businesses to authenticate customers’ real identities

• VMware reveals critical vCenter hole it says ‘needs to be considered at once’

• ACIC clarifies that it’s not actually interested in your WhatsApp or Signal chat

• Patch immediately: VMware warns of critical remote code execution hole in vCenter

• Juniper Networks Apstra 4.0 enhances the experience of users and operators in the data center

• Belgium Interior Ministry Targeted in Cyber Attack

• A Survey of Bluetooth Vulnerabilities Trends, (Wed, May 26th)

• Aruba’s Wi-Fi 6E solution set supports high-bandwidth applications and use cases

• Datadog’s AWS Lambda extension allows customers to collect telemetry from serverless applications

• LogRhythm Champions Profile: Seth Shestack

• How a defense contractor got a near perfect NIST 800-171 score: 7 important questions and answers

• PLDA launches XpressRICH PCI Express 6.0 Controller IP for SoC designers and system architects

• Inseego collaborates with Net4 to bring the benefits of private 5G infrastructure to enterprise networks

• (ISC)² announces registration opening for its 11th annual Security Congress

• 5 Tips to get Better Efficacy out of Your IT Security Stack

• How to Remotely Control Your iPhone Camera With or Without an Apple Watch

• Cadence unveiled its third-generation 112G long-reach (112G-LR) SerDes IP on TSMC’s N5 process

• Ermetic partners with IDSA to address risks associated with over privileged cloud identities

• Hackers already claiming to have sold Domino’s, Air India databases

• Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

• Tessian raises $65M to accelerate its mission of preventing human risk in global enterprises

• Tony Shadrake joins Beyond Identity as VP of EMEA

• SailPoint appoints Wendy Wu as CMO

• Vendor Selection Matters in the Domain Registrar Ecosystem

• Russia Profiting from Massive Hydra Cybercrime Marketplace

• Rise in Opportunistic Hacks and Info-Sharing Imperil Industrial Networks

• Cloud Compromise Costs Organizations $6.2M Per Year

• IT Security News Daily Summary 2021-05-25

• Try These Best Practices to Counter Common Cybersecurity Risks

• Lawmakers push State Department to act on harassment, discrimination

• US To Issue Cyber Protection Rules For Pipelines After Colonial Hack

• Software and startups top priorities for DOD tech chief pick

• Fast computers, 5G networks and radar that passes through walls are bringing ‘X-ray vision’ closer to reality

• Zscaler stock surges on deal to buy active defense startup Smokescreen, upbeat quarterly results

• RSA Conference 2021: Focus on resilience

• Ivanti fixes high severity flaw in Pulse Connect Secure VPN

• CNBC Details 2015 Acquisition Talks Between Apple and Time Warner

• Post-pandemic telework infrastructure

• Communications board digs into 911 Christmas bombing outage

• Who are you? Rising to the data protection challenge

• Threat Actor ‘Agrius’ Emerges to Launch Wiper Attacks Against Israeli Targets

• Lawfare Live: Bob Bauer on the Danger of the Moment

• Colonial Pipeline attack spurs new rules for critical infrastructure

• Iranian hackers hit Israel with disk wiper in disguise of ransomware

• DHS to issue new pipeline security regulations after Colonial attack

• Hack Prompts New Security Regulations for US Pipelines

• The Rise of Continuous Attack Surface Management

• 180,000 Users Sign Petition Urging Facebook To Drop “Instagram For Kids”

• MacOS Zero-Day Let Attackers Bypass Privacy Preferences

• Construindo uma lista completa de verificação de segurança de rede

• Automatize atualizações de modelos e nunca mais perca uma atualização de software

• 10 astuces essentielles de cybersécurité pour les débutants

• Best browser for privacy 2021: Secure your web browsing

• Ransomware attack on Bose exposes employee SSNs and financial information

• Triple-extortion is a new tool for ransomware attackers

• VMware Security Advisory VMSA-2021-0010, (Tue, May 25th)

• See the Dramatic Improvement Mini-LED Brings to the M1 iPad Pro’s Display

• Federal CIO says cybersecurity is a top priority for new TMF projects

• Russian Sentenced to 30 Months for Running Criminal Website

• Axis Fosters Work-From-Home Momentum with Zero Trust Network Access

• iOS 15 Could Include New Food Tracking Feature

• Upcoming Beats Studio Buds Depicted in Leaked Images

• Hack Exposes Data Of 4.5 Million Air India Passengers

• 7 New Bugs in Bluetooth Let Hackers Impersonate As Legitimate Device & Launch DDoS Attacks

• Data security & App Development—Technology, Strategy & Obligations

• Review: Ford’s SYNC 4 Brings Wireless CarPlay to the 2021 F-150

• Eero 6 and Pro 6 Routers Gain HomeKit Support

• Why Geek Pride Day is Something to be Proud Of

• Audio equipment giant Bose hit by ransomware attack, data breach

• What Does Oura Ring Track? | Avast

• Applying the Invisibility Cloak: Obfuscate C# Tools to Evade Signature-Based Detection

• Email Security Firm Tessian Raises $65 Million at $500 Million Valuation

• What the Cyber EO means for federal agencies

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 330’

• Behavioral Analytics: How to Secure User Experience under a DDoS Attack

• Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave

• Snowden was right, rules human rights court as it declares UK spy laws broke ECHR

• Trend Micro Bugs Threaten Home Network Security

• Chaos in Maricopa County: The election audit explained

• Your Network’s Smallest Cracks Are Now Its Biggest Threats

• How we can secure the future of healthcare and telemedicine

• Cryptocurrency trading bots: Strengthening Cybersecurity and minimizing risks

• Expert: Biden’s executive order on cybersecurity is a good start toward protecting organizations

• Some cybersecurity weak spots will be strengthened by Biden’s executive order, expert says

• Cryptography quiz questions and answers: Test your smarts

• Crimes of Opportunity: Increasing Frequency of Low Sophistication
  Operational Technology Compromises

• What are Clickjacking Attacks? Tips to Prevent Them

• ElevationLab Debuts AirTag Holder for Pet Collars

• Al-Hela v. Biden and Due Process at Guantanamo

• Adapting to the Cyber Domain: Comparing U.S. and U.K. Institutional, Legal and Policy Innovations

• Introducing Half-Double: New hammering technique for DRAM Rowhammer bug

• Brit watchdog shows some teeth over McAfee antivirus auto-renewals

• Ransomware attack on Bose Corporation

• BrandPost: Changing the Narrative Around Attack Victim Shaming

• Russia Threatens Google With Online Slowdown

• The Makings of a Better Cybersecurity Hire

• Uptycs Offers Resilience Formula to Boost Business Continuity

• Tidal Releases Apple Watch App With Offline Playback and More

• What is Incognito mode? Our private browsing 101

• UK’s Competition and Mergers Authority shows some teeth over McAffee antivirus auto-renewals

• Alert Actionability In Plain English From a Practitioner

• The hidden power of the Federal Citizen Services Fund

• Microsoft takes another stab at a Blockchain-powered ledger service

• Bose Admits Ransomware Hit: Employee Data Accessed

• Combatting Insider Threats with Keyboard Security

• Gartner: Global Security Spending Will Reach $150 Billion in 2021

• Conti ransomware spree draws FBI attention

• How Cybercriminals are Hacking ATM Machines? Here’s a Quick Look

• Apple Releases Security Updates

• Sumo Logic + DFLabs: Cloud SIEM Combined with SOAR Automates Threat Detection and Incident Response

• Cybereason Makes Big Debut on CNBC 2021 Disruptor 50 List

• North Korean Hackers Most Likely to Have Been Behind the CryptoCore Heists

• Hands On with Apple’s New M1 iMac and M1 iPad Pro

• Apache Spark plays in the NetApp data analytics playground

• Huawei To Launch Harmony 2.0 Operating System Next Week

• Not as complex as we thought: Cyberattacks on operational technology are on the rise

• Pulse Secure VPNs Get Quick Fix for Critical RCE

• Shift left security is helpful, but one expert says it’s not enough

• FBI Identifies 16 Conti Ransomware Attacks on U.S. Healthcare

• Actionable threat intelligence for publicly known exploits for RHEL

• Exploited macOS 0-Day Let Hackers Take Screenshots

• Freenode IRC Staff Resign En Masse After Takeover By Korea’s Crown Prince

• A Governor’s Live Zoom Event Got Hacked With Very Graphic Porn

• FBI Analyst Indicted For Theft Of Osama bin Laden Threat Intel

• SolarMarker Backdoor Pretends to be Legit PDFescape Installer

• macOS Malware Caught Spying on Users

• Bluetooth Devices Vulnerable to AuthValue Disclosure

• New Trojan Found to Impersonate Ransomware

• Bose Says Personal Information Compromised in Ransomware Attack

• OT Systems Increasingly Targeted by Unsophisticated Hackers: Mandiant

• Microsoft to Pull the Plug on Internet Explorer 11 in 2022

• The Adversary Within: Preventing Disaster From Insider Threats

• Your Guide to Hacker Summer Camp 2021

• Flexibits Launches Cardhop 2.0 Contacts Management App, Now Included With Fantastical Premium Subscription

• Deals: Save on Apple’s MagSafe Charger and MagSafe Duo Charger Accessories

• The Man Who Has Stolen the PII of 65k Employees of UPMC Pleads Guilty

• Indonesian Government Bans Raid Forums Website After Alleged Leak

• Insider threats: If it can happen to the FBI, it can happen to you

• Online Proctor Exam Pilot Results

• 5 really exciting tech roles open for applicants right now

• Japan’s Biggest Dating App Struck by Major Cyberattack

• Britons Tracked Without their Consent for Vaccine Study

• Malware exploited macOS zero-day flaw to secretly take screenshots. Update to Big Sur 11.4 now

• Trend Micro fixes 3 flaws in Home Network Security Devices

• High-End Mac Mini Said to Feature Thinner Design With ‘Plexiglass’ Top, Magnetic Power Port

• Florida To Prevent Tech Firms ‘Deplatforming’ Political Figures

• Tessian nabs $65M to solve cybersecurity’s ‘people problem’

• Report Highlights Massive Scale of Automated Cyberattacks

Generated on 2021-06-01 00:02:25.156037