IT Security News Monthly Summary – May

• IT Security News Daily Summary 2022-04-30

• Microsoft Azure flaws could allow accessing PostgreSQL DBs of other customers

• The case for data-centric security in 2022

• Identifying Ransomware’s Stealthy Boot Configuration Edits

• Emotet tests new attack chain in low volume campaigns

• Black Basta Ransomware Hits American Dental Association

• Acrisure Unveils Cyber Risk Assessment Backed by Coalition

• Cobalt Iron Earns Patent for Machine-Learning-Driven Authentication Control

• Cloudflare Blocks a  DDoS Attack with 15 million Requests Per Second

• VirusTotal Reveals Claims of Critical Flaws in Google’s Antivirus Service

• Department Of Education Caught Sending Personal Data To Facebook

• Pro-Russian group Killnet launched DDoS attacks on Romanian govt sites

• Update now! Critical patches for Chrome and Edge

• FBI Conducted 3.4 Million Warrantless Searches of Americans’ Data

• One of the Most Powerful DDoS Attacks Ever Hits a Crypto Platform

• Why MFA Alone Isn’t Enough for True Cybersecurity

• Can Your Cybersecurity Culture Stand Up to the Latest Spear Phishing Techniques?

• Russia continues digital onslaught against Ukrainian systems

• Facebook’s Meta, tracking code, and the student financial aid website

• 11:11 Systems Launches Expanded Managed Security Services

• Cyware Named to Elite 80 List of Hottest Privately-Held Cybersecurity & IT Companies

• LogDNA’s new features provide enterprises with control over log data and costs

• 2022 Security Priorities: Staffing and Remote Work

• ThreatX collaborates with Distology to deliver API protection for the UK market

• Appgate partners with DXC Technology to help customers accelerate zero trust security

• CoreChain raises $4.2 million to offer blockchain-based B2B payments for enterprise clients

• Good News! IAM Is Near-Universal With SaaS

• Breast Cancer Charity Exposed Sensitive Images of U.S. Patients

• Data-wiper malware strains surge as Ukraine battles ongoing invasion

• Detecting disasters with satellite data

• TA410 under the microscope – Week in security with Tony Anscombe

• Critical Vulnerabilities Leave Some Network-Attached Storage Devices Open to Attack

• Root Cause Analysis

• IT Security News Daily Summary 2022-04-29

• Report: 95% of IT leaders say Log4shell was ‘major wake-up call’ for cloud security

• Smart pavement powers data collection, EV charging, wireless access, edge computing

• Friday Squid Blogging: Ten-Foot Long Squid Washed onto Japanese Shore — ALIVE

• As satellite images reshape conflict, security worries mount

• Best Cybersecurity Software & Tools for 2022

• Cloudflare Flags Largest HTTPS DDoS Attack It’s Ever Recorded

• Scientific advance leads to a new tool in the fight against hackers

• “Computer malfunction” Caused Death of 27,000 Chickens

• How GSA is remaking USA.gov

• Is cloud critical infrastructure? Prep now for provider outages

• You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

• How remote browser isolation can shut down virtual meeting hijackers

• Microsoft’s latest Windows 11 test build adds new group policies, drops SMB1 enablement by default

• Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage

• Fleet Raises $20M for Endpoint Visibility Technology

• Cybersecurity and the ‘Good Cause’ Exception to the APA

• Library of Congress plans new cloud office

• Blasting out Earth’s location with the hope of reaching aliens is a controversial idea – two teams of scientists are doing it anyway

• GitHub issues final report on supply-chain source code intrusions

• States and cities are moving to make virtual hearings permanent

• Secret School District Crypto Miner Resigns

• BIO-ISAC Partners with NY Metro InfraGard

• Finnish Hotels’ Data Compromised

• The top 5 most routinely exploited vulnerabilities of 2021

• Conti Ransomware Assault Continues Despite the Recent Breach

• ISG to Publish Reports on Contact Center Services, Platforms

• The Global Cyber Innovation Summit, the CISO “Invitation-only” Event, Returns in 2022 to Set the Global Agenda for Cybersecurity

• What is data fabric and how does it impact Cybersecurity?

• Microsoft Edge’s ‘Secure Network’ sounds a lot like a built-in VPN

• Beware Twitter Messages claiming “Your blue badge Twitter account has been reviewed as spam”

• Quantum Physics is said to make hacking impossible

• Sabanci Group Acquires Majority Stake in OT Security Firm Radiflow for $45 Million

• Don’t expect to get your data back from the Onyx ransomware group

• How to Use Your Asset Management Software to Reduce Cyber Risks

• Apple Profits Surge, As Firm Warns Of Trouble Ahead

• Ransomware costs show prevention is better than the cure

• Video Conferencing Apps Sometimes Ignore the Mute Button

• New OpenSSF Project Hunts for Malicious Packages in Open Source Repositories

• Take a Diversified Approach to Encryption

• Conti’s BazarLoader Replaced with Bumblebee Malware

• Tesla’s Elon Musk Sells Shares Worth $4bn, Promises No More

• Platform Transparency Legislation: The Whos, Whats and Hows

• HackerOne acquires PullRequest to help users integrate code security reviews during workflows

• US has Offered a $10 Million Bounty on Data About Russian Sandworm Hackers

• Appian World 2022: Democratising Low-code

• Report: DDoS attacks have increased 4.5 times since last year

• Experts say BlackCat ransomware isn’t more of a problem than any other ransomware strain

• Intigriti’s ‘head of hackers’: crowdsourced security is key to mitigating modern threats

• This phishing campaign delivers malware that steals your passwords and chat logs

• Ambient.ai Expands Computer Vision Capabilities for Better Building Security

• Private Equity Executive Sought To Undermine NSO Critics

• Powerful DDoS Targets Cryptocurrency Platform

• Interpol: We Can’t Arrest Our Way Out Of Cybercrime

• Vulnerable Plugins Plague The CMS Website Security Landscape

• EmoCheck Tool 2.2 Supports and Detects New 64-bit Variants of Emotet Malware

• Security Turbulence in the Cloud: Survey Says…

• Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability

• Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine

• Interpol: We can’t arrest our way out of cybercrime

• New Nimbuspwn Linux Flaws Could Provide Attackers Root Access

• Cyberespionage APT Now Identified as Three Separate Actors

• Tips on Upgrading Business Security Practices to “New Norm” Standards

• 3 Tech Solutions Church Leaders Can Use to Protect Their Congregation

• 7 Useful Crypto Coin Wallet Security Methods

• Amazon Posts First Net Loss Since 2015, Amid Challenging Market

• Synology, QNAP, WD Warn Users About Vulnerabilities Exploited at Hacking Contest

• Medical Software Company Fined €1.5M for Exposing 490k Patients’ Data

• Adventures in the land of BumbleBee

• Data Security Firm Veza Emerges From Stealth With $110 Million in Funding

• Google Adds Ways to Keep Personal Info Private in Searches

• You Need to Update iOS, Android, and Chrome Right Now

• Ukraine’s Digital Battle With Russia Isn’t Going as Expected

• India gives local techies 60 days to hit 6-hour deadline for infosec incident reporting

• Beware scammers disguised as fraud busters

• Vulnerable plugins plague the CMS website security landscape

• Deepfakes set to be used in organised crime

• Warning! Instagram Stories hides a scam in plain sight

• Sina Weibo, China’s Twitter analog, reveals users’ locations and IP addresses

• Global security spending set to reach $198bn by 2025

• Account Takeover Definition. Account Takeover Prevention

• Google Play’s Data safety section empowers Android users to make informed app choices

• Ransomware Fallout Costs Seven Times the Ransom Paid

• Critical vulnerabilities open Synology, QNAP NAS devices to attack

• Five Eyes Agencies List Top 15 Most Exploited Bugs of 2021

• Bumblebee Malware Loader Has a Sting in the Tail

• HackerOne acquires code security tester, review service PullRequest

• Apple’s AirTags: One Year On

• Ukraine government and pro-Ukrainian sites hit by DDoS attacks

• Sina Weibo, China’s Twitter analogue, reveals users’ locations and IP addresses

• DigiCert outlines its vision to help customers manage trust across their digital footprint

• Anonymous hacked Russian PSCB Commercial Bank and companies in the energy sector

• Hurry up, disable AFP on your QNAP NAS until the vendor fixes 8 bugs

• Edge’s prospective free VPN would be a tempting reason to ditch Chrome

• Introducing Personal Data Cleanup

• Will Elon Musk follow the rules in his takeover of Twitter?

• Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In

• Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

• Work from home culture could fuel Russian Cyber Attacks

• Artificial Intelligence induced microwave oven tries to kill its owner

• Indian Govt Orders Organisations to Report Security Breaches Within 6 Hours to CERT-In

• It’s Called BadUSB for a Reason

• Ongoing DDoS attacks from compromised sites hit Ukraine

• Next-Gen CASB & Gamma.AI

• Leadership and recruitment changes needed to address burnout in cybersecurity

• Don’t ignore risks lurking within your own network

• New infosec products of the week: April 29, 2022

• Bumblebee malware loader emerges as Conti’s BazarLoader fades

• How IIoT solutions can optimize industrial supply chain operations

• 308,000 exposed databases discovered, proper management is key

• What is tokenization, what are the types of tokenization, and what are its benefits for eCommerce businesses?

• Security leaders relying more heavily on MSPs amid talent crunch

• China, India, Russia missing from future of internet pledge by US, EU, and 33 others

• Companies poorly prepared to meet CCPA, CPRA and GDPR compliance requirements

• Bitwarden Generator helps customers create unique usernames for all their accounts

• Codenotary adds independent cryptographic validator to its Community Attestation Service

• Workato Enterprise Key Management protects sensitive data for enterprise customers

• McAfee Personal Data Cleanup allows users to protect themselves from identity thieves and hackers

• Digital.ai Ascension empowers organizations to unify predictive insights across the software lifecycle

• Handling Sensitive Data: A Primer

• Comcast Business expands partnership with Cisco to simplify network management operations

• Acrisure and Coalition join forces to provide security solutions for small and midsize businesses

• C# Applications Vulnerability Cheatsheet

• Enveil raises $25 million to expand its footprint in both the commercial and government markets

• PCI Pal collaborates with Odigo to offer secure payment solutions for customers

• Why you should be taking security advice from your grandmother

• Report: 73% increase of threat incidents in Q4 2021

• Arcserve appoints Matt Urmston as EVP of Product Management

• Redstor hires Mike Hanauer as CRO

• Outseer appoints John Filby as CEO

• Veza emerges from stealth and announces $110 million in funding

• JRSS transition still a work in progress

• Bitcoin mining comes to city hall

• Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL

• LogicGate adds new executives to scale product and revenue functions

• Ricardo Antuna joins Stratodesk as VP of Strategy and Business Development

• Pushing the envelope on drones for indoor emergency response

• Nimbuspwn: New Root Privilege Escalation Found in Linux

• IT Teams Worry Staff Lack Cloud-Specific Skills

• Experts Insight On Coca Cola Potential Breach

• Scammers Are Copying News Sites To Push Elon Musk-themed Crypto Scams

• IT Security News Daily Summary 2022-04-28

• Can your mobile phone get a virus? Yes – and you’ll have to look carefully to see the signs

• Cybersecurity Agencies Reveal the Top Exploited Vulnerabilities of 2021

• Cisco Releases Security Updates for Multiple Products

• The Subject Of Trusting ‘Russian’ Applications

• Elon Musk Wants to Make Twitter DMs End-to-End Encrypted

• GSA to study facial recognition tech with equity in mind

• IRS balks at public free-file suggestion from government watchdog

• Microsoft readies a built-in VPN for Edge powered by Cloudflare

• Tips for using a threat profile to prevent nation-state attacks

• Case study: Why it’s difficult to attribute nation-state attacks

• Check Point: Ransomware attacks lasted 9.9 days in 2021

• Lapsus$ targeting SharePoint, VPNs and virtual machines

• Microsoft: Russia Using Cyberattacks in Coordination With Military Invasion of Ukraine

• The Ransomware Crisis Deepens, While Data Recovery Stalls

• Capital One Ventures, Snowflake Ventures, Verizon Ventures, and Wipro Ventures Join Securonix $1B+ Growth Investment as Strategic Investors

• EFF Statement on the Declaration for the Future of the Internet

• Global Nations Sign Declaration For Free, Open Internet

• How enterprises can ensure NVMe security in 2.0

• Cisco Releases Security Updates for Multiple Products

• API Security is Necessary to Stop Threats that WAFs and Bot Protection Cannot

• 2022-04-25 – Emotet epoch4 activity (LNK files)

• The super malicious insider and the rise of insider threats

• File Formats

• US and China Exposed Most Databases Among 308,000 Discovered in 2021

• Europol: Deepfakes Set to Be Used Extensively in Organized Crime

• Harnessing data can help cities reduce homelessness

• Device Privacy Support for Retailers in Today’s Smart Home (Multi-Video)

• Stellar Open XDR Nominated for Three 2022 ‘ASTORS’ Cybersecurity Awards

• Microsoft Warns of ‘Nimbuspwn’ Security Flaws Haunting Linux

• Crypto Trading Fund Partners Accused of Fraud

• Chickens Baked Alive Due to Computer Glitch

• Uber ‘Cough Girl’ Accused of Identity Theft

• Hollywood’s Fight Against VPNs Turns Ugly

• The Chatter Podcast: “The Day After” with Nicholas Meyer

• The Package Analysis Project: Scalable detection of malicious open source packages

• FBI warns food and agriculture to brace for seasonal ransomware attacks

• Quantum Cybersecurity: Addressing the Boogeyman in the Room

• Stories from the SOC – Lateral movement using default accounts

• Online Safety Bill May Pose Risk To Startups, Suggests Regulator Boss

• How data-driven policies can help states and localities

• KB4Con 2022 – Cyber Resilience and the Fourth Industrial Revolution

• KB4Con 2022 – The Latest in Hacking Techniques with the World’s Most Famous Hacker

• CNIL Imposes a Fine of 1.5 million Euros Against Software Publisher Dedalus

• Cloud Security Innovator Sonrai Security Expands Globally into Europe and Asia-Pacific

• SECURE London stokes debate on the future of the cybersecurity workforce

• Nebulon Extends 4-minute Ransomware Recovery to 2-Node Management Clusters on Dell PowerEdge Servers, Reducing Footprint and Related Costs by 33%

• CynergisTek Launches New Continuous Risk Monitoring Program (CRMP) and Signs First Six-Figure Contract With Southeastern Hospital

• Why use a managed services provider for your SASE implementation

• Report: 78% increase in ransomware attacks in last year

• Smallstep increases focus on zero-trust and automated certificates, secures $26M

• 1.2 Million Bad Apps Blocked From Reaching Google Play in 2021

• Cloudflare stomps huge DDoS attack on crypto platform

• Emotet is Evolving with Different Delivery Methods

• Call for Contributors with Knowledge of Linux Firewalls!>

• Synopsys to Acquire White Hat Security in $330M All-Cash Deal

• How Linux Became the New Bullseye for Bad Guys

• MAR-10376640-2.v1 – CaddyWiper

• CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine

• MAR-10376640-1.v1 – IsaacWiper and HermeticWizard

• Five Eyes Nations Reveal 2021’s Fifteen Most Exploited Flaws

• Microsoft Details Rampant Russian Invasion Cyber Warfare

• GitHub Repos Breached Using Stolen OAuth Tokens

• Malicious Relays And The Health Of The Tor Network

• Hackers Steal NFTs Worth $3M in Bored Ape Yacht Club Heist

• BT Signals Intent To Adopt EE Brand For UK Consumers

• What Are the Biggest Phishing Trends Today?

• Hackers fool major tech companies into handing over data of women and minors to abuse

• Sender Policy Framework (SPF)

• Cisco Patches 11 High-Severity Vulnerabilities in Security Products

• S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

• Explainable AI for Fraud Prevention

• MAR-10376640-2.v1 – CaddyWiper

• MAR-10376640-1.v1 – IsaacWiper and HermeticWizard

• Bumblebee, a new malware loader used by multiple crimeware threat actors

• The Tenet Case: Are Hackers Targeting the Healthcare Industry?

• Call of Duty cheats can expect embarrassment with new anti-cheat feature

• Ransomware payments are marginal when compared to the overall costs

• Meta Pleases Investors After Daily User Number Growth Returns

• Fake USA for UNHCR site wants your Ukraine donations in Bitcoin

• CISA published 2021 Top 15 most exploited software vulnerabilities

• Microsoft Issues Report of Russian Cyberattacks against Ukraine

• Facebook phishers threaten users with Page Recovery Help Support

• Onyx ransomware destroys files, and also the criminal circle of trust

• QNAP customers urged to disable AFP to protect against severe vulnerabilities

• How Tencent is building a global game production system

• Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

• Threat-Hunting Journal April 2022 – Easter Edition

• Cyber Crime Is on The Rise and These Experts Have the Knowledge You Need

• KB4-CON 2022: Awareness, Behavior and Culture: Trip Report

• How Covid-19 Changed Advertising Forever

• Log4j flaw: Thousands of applications are still vulnerable, warn security researchers

• Cyberattacks Rage in Ukraine, Support Military Operations

• National Cybersecurity Agencies List Most Exploited Vulnerabilities of 2021

• Critical Vulnerabilities in Azure PostgreSQL Exposed User Databases

• Governing Platforms Through Apple’s App Store in the U.S. and China

• 4 Ways An AV Integration Company Can Improve Your Business

• Azure Database for PostgreSQL Flexible Server Privilege Escalation and Remote Code Execution

• This is how Elon Musk can securely achieve his mission of authenticating Twitter users

• Celebrating World Autism Awareness Month with educational activities and our Autism@IT mentoring project

• A Peek into Visa’s AI Tools Against Fraud

• How cities are trying to combat the nation’s deadliest weather risk

• Cloudflare Customer Targeted in Record HTTPS DDoS Attack

• Experts Detail 3 Hacking Teams Working Under the Umbrella of TA410 Group

• The More You Know: Job Searching & Interviewing

• Top Exploited Vulnerabilities in 2021 Revealed by Cybersecurity Firms

• Android security: We stopped billions of harmful app downloads, says Google

• Overcoming Cybersecurity Recruiting Challenges

• Everything you need to know to create a Vulnerability Assessment Report

• Ransoms only make up 15% of ransomware costs

• ZecOps Announces Support for Forensics Images Acquired by GrayShift

• Anger As Musk Engages With Tweets Criticising Twitter Execs

• IETF Publishes RFC 9116 for ‘security.txt’ File

• A Chilling Russian Cyber Aim in Ukraine: Digital Dossiers

• Cybercriminals Using New Malware Loader ‘Bumblebee’ in the Wild

• ZecOps Announces Support for Forensics Images Acquired by GreyShift

• Over 300,000 Internet-Exposed Databases Identified in 2021

• Phishing attacks benefiting from shady SEO practices

• Global Security Spending Set to Hit $198bn by 2025

• CloudFlare blocked a record HTTPs DDoS attack peaking at 15 rps

• The Top Exploited Vulnerabilities in 2021 Revealed by Cybersecurity Firms

• Microsoft Discloses True Scale Of Russian Cyberattacks On Ukraine

• Microsoft: Russia Has Launched Hundreds of Cyber Operations in Ukraine

• Twitter’s New Owner Elon Musk Wants DMs to be End-to-End Encrypted like Signal

• Security Alert as Researchers Discover 400,000 Exposed Databases

• Synopsys Acquires WhiteHat Security to Expand Application Security Software-as-a-Service Capabilities

• New RIG Exploit Kit Campaign Infecting Victims’ PCs with RedLine Stealer

• The 15 most exploited vulnerabilities in 2021

• Top five post-pandemic priorities for cybersecurity leaders

• Get Ready to Repair Your Own iPhone! – Intego Mac Podcast Episode 237

• Money or your business: Ensure your ransomware defense strategy beats off disruptions, extortions

• A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods

• How to Know If Your Computer Has Virus? How to Protect Your PC?

• U.S Cybersecurity Agency Lists 2021’s Top 15 Most Exploited Software Vulnerabilities

• Modern bank heists: How can they be thwarted?

• How to make DevSecOps a reality

• Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list

• CloudFlare Thwarts Record DDoS Attack Peaking at 15 Million Requests Per Second

• Russia-linked threat actors launched hundreds of cyberattacks on Ukraine

• Ransomware is up and victims are paying

• Top 5 security analytics to measure

• Versa Networks Hosting Versatility 2022, Inaugural SASE User Conference Being Held this Week

• Why Are Ransomware Attacks Increasing and How Can We Prevent Them?

• Microsoft releases open-source tool for securing MikroTik routers

• Is Quantum Secured Metro Network the future to Secure Communication

• Ransomware news headlines trending on Google

• QNAP Advises to Mitigate Remote Hacking Flaws Until Patches are Available

• Cybercriminals deliver IRS tax scams and phishing campaigns by mimicking government vendors

• Veza, the Data Security Company Built On The Power of Authorization, Emerges from Stealth and Announces $110 Million in Funding

• Cohesity Named a Major Player in the 2022 IDC MarketScape Worldwide Distributed Scale-Out File System Vendor Assessment

• RackTop Systems Expands Channel Partner Program

• CrowdStrike Introduces Adversary-Focused CNAPP Capabilities Designed to Secure and Protect Cloud Applications from Sophisticated Threats

• Despite its Challenges, Cloud Computing is Still the Way to Go

• How AI can close gaps in cybersecurity tech stacks

• Post-pandemic priorities for security leaders

• Are businesses ready to implement cloud-native development?

• PCI DSS 4.0 and ISO 27001 – the dynamic duo

• GrammaTech CodeSonar 7.0 helps developers find and fix issues while coding

• Fidelis Cybersecurity platform enhancements protect enterprises against advanced threats

• SecurityGen ACE platform improves security posture for the mobile operators

• CyberLink FaceMe Platform allows users to monitor all databases and system services in one place

• Kudelski Security MDR ONE addresses the growing sophistication of threats across hybrid environments

• Google Search removal requests expanded to include personal contact information

• Alkira Cloud Insights allows businesses to optimize their cloud deployments

• Five Eyes nations reveal 2021’s fifteen most-exploited flaws

• Musk’s Plan to Reveal the Twitter Algorithm Won’t Solve Anything

• Russia Is Being Hacked at an Unprecedented Scale

• Mandiant: Attackers’ Median Dwell Time Drops to 3 Weeks

• Threat Detection Software: A Deep Dive

• Keysight Technologies M9484C VXG enables customers to reduce test system setup complexity

• Cynerio collaborates with Securonix to protect healthcare organizations against security threats

• Doppler Takes on Secrets Management

• ARMO raises $30 million to offer a complete open source security solution for the Kubernetes community

• Tenable acquires Bit Discovery to help organizations minimize cyber exposure

• Data I/O partners with NXP Semiconductors and Avnet Silica to enable supply chain integrity

• Best home security camera (2022)

• Titania appoints Claire Clark as VP of Engineering

• Chinese APT Bronze President Mounts Spy Campaign on Russian Military

• Ivanti names Dennis Kozak as COO

• Microsoft points at Linux and shouts: Look, look! Privilege-escalation flaws here, too!

• IT Security News Daily Summary 2022-04-27

• The data states need to improve digital equity

• Russia Coordinating Cyberattacks With Military Strikes in Ukraine: Microsoft

• How to conduct Linux privilege escalations

• The Role IaaS Providers Play in Elevating Security Posture

• Explaining User and Entity Behavior Analytics: Enhanced Cybersecurity Through UEBA

• Cybersecurity, Big Data & Automation Tools: What Marketers Need To Know

• Elon Musk-themed cryptocurrency scam uses fake Medium as the promotion site

• How AI-driven company Oculeus helps telecom service providers better combat fraud

• Synopsys to Acquire WhiteHat Security from NTT

• Time for a U.N. Peace Enforcement Operation in Northern Ukraine?

• Why Steve Bannon’s Contempt Prosecution Revolves Around His Attorney, Robert J. Costello

• Smarter Homes & Gardens: Smart Speaker Privacy

• State Department taps assessment-based hiring process for data scientists

• Privacy Enhancing Tech Startup Enveil Bags $25 Million Investment

• Data-driven approach boosts efficiency of streetlight repairs

• Emotet is Back From ‘Spring Break’ With New Nasty Tricks

• Coca-Cola Investigates Data-Theft Claims After Ransomware Attack

• CISA: Log4Shell Was the Most-Exploited Vulnerability in 2021

• Looking for the latest insight to ensure cyber security in the long term? It’s right here

• NSA re-awards secret $10 Billion contract to Amazon

• A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

• Five Eyes reveals 15 most exploited vulnerabilities of 2021

• Illinois Facebook Users Could Get Facebook Privacy Settlement Money Soon

• Zero-Day Vulnerabilities Are on the Rise

• Streaming graph analytics: ThatDot’s open-source framework Quine is gaining interest

• Bernie Sanders wants Amazon debarred from federal contracting

• Canvas and other Online Learning Platforms Aren’t Perfect—Just Ask Students

• Electron Application Attacks: No Vulnerability Required

• Report: 4 cybercrime stats to watch

• How drones document crash scenes

• Top VC Firms in Cybersecurity for 2022

• Feds offer big rewards for info on suspected Russian Sandworm intel officers

• Cyber Skills Gap Linked to Breaches

• Smile Brands Breach Impacts 2.5 Million Individuals

• Millions Of Java Apps Remain Vulnerable To Log4Shell

• Bitcoin Becomes Official Currency In Central African Republic

• Chinese Drone-Maker DJI Suspends Ops In Russia, Ukraine

• 6 Best Data Security Practices You Can Start Today

• Medical Device Cybersecurity: What Next in 2022?

• USDA opens grants to streamline SNAP

• REvil ransomware attacks resume, but operators are unknown

• Apple Opens ‘Self Service Repair’ Online Store

• Most Brits Rely On Memory To Manage Passwords, Says Bitwarden

• NGA will take over Pentagon’s flagship AI program

• Private Investigator Admits Role in Hedge Fund Hack

• Artificial Intelligence and Chemical and Biological Weapons

• Critical Vulnerability Identified in Ever Surf Blockchain Wallet

• Endpoint security and remote work

• Versa Networks Hosting Versatility 2022, Virtual SASE User Conference

• Watch: The Four Stages of Zero Trust Maturity

• Sophos: 66% of organizations hit by ransomware in 2021

• [eBook] Your First 90 Days as MSSP: 10 Steps to Success

• How we fought bad apps and developers in 2021

• How one senior developer brings the startup spirit to Microsoft

• New Data Safety section on Google Play Store

• How to detect phishing images in emails

• Angular + React: Vulnerability Cheatsheet

• April 2022 Web Server Survey

• Strider secures $45M for data intelligence to avert economic espionage

• Transformation and the CX executive order

• Ransomware demands are growing, but life is getting tougher for malware gangs

• Ransomware Survey 2022 – like the Curate’s Egg, “good in parts”

• Quantum Ransomware was Detected in Several Network Attacks

• New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware

• Amazon Won’t Face Federal Action Over Tornado Warehouse Collapse

• Putting Your SOC in the Hot Seat

• CIS Control 17: Incident Response Management

• Fighting Fake EDRs With ‘Credit Ratings’ for Police

• 2021 Top Routinely Exploited Vulnerabilities

• 2021 Top Routinely Exploited Vulnerabilities

• Compliance as Code: Extending compliance automation for process improvement

• Strider secures $45M for data intelligence that helps companies avert economic espionage threats

• The Army wants to re-do how it manages cyber risk

• How Industry Leaders Should Approach Open Source Security

• 2021 Top Routinely Exploited Vulnerabilities

• 2021 Top Routinely Exploited Vulnerabilities

• US Department of State offers $10M reward for info to locate six Russian Sandworm members

• The Nimbuspwn Linux Flaw Allows Root Access

• China turns cyber-espionage eyes to Russia as Ukraine invasion grinds on

• China turns prying eyes to Russia as the Ukraine invasion grinds on

• Risk Intelligence Company Strider Raises $45 Million

• Amidst Invasion of Ukraine, Platforms Continue to Erase Critical War Crimes Documentation

• Guide to Remove Ransomware

• First fully open-source Kubernetes security platform ARMO raises $30M

• Bronze President spies on Russian targets as Ukraine invasion continues

• Can Elon Musk Spur Cybersecurity Innovation at Twitter?

• Internet Outages in French Cities After Cable ‘Attacks’: Operator

• Can Tech Visionary Elon Musk Spur Cybersecurity Innovation at Twitter?

• Explaining Cloud Native Application Security

• Millions of Java Apps Remain Vulnerable to Log4Shell

• Chinese Cyberspies Targeting Russian Military

• Google’s New Safety Section Shows What Data Android Apps Collect About Users

• Chinese Hackers Targeting Russian Military Personnel with Updated PlugX Malware

• Cisco Duo Security Completes Australia’s Information Security Registered Assessors Program (IRAP) Assessment

• “URGENT BUSINESS PROPOSAL!!!” 419 scammer wants your help to move someone’s inheritance

• (ISC)² Hellenic Chapter Wins Award for Creating Educational Materials

• Alphabet Profit Slides As YouTube Misses Expectations

• Doppler raises $20 million for SecretOps solution to protect developers ‘secrets’

• Coherent raises $75M Series B to enable hybrid-work era development

• CrowdStrike unveils tools to fight threats to cloud-native applications

• ARMO Raises $30 Million for Open Source Kubernetes Security Platform

• Coca-Cola Investigates Hacker Data Theft Allegations

• The U.S. is offering up to $10 million for Identity to Locate Sandworm Hacking Group

• Cracks forming in the ransomware ecosystem

• Chrome 101 Patches 30 Vulnerabilities

• State of Ransomware Report 2022: 66% Organizations Hit in 2021

• Coca-Cola Investigating Hack Claims Made by Pro-Russia Group

• North Koreans Are Jailbreaking Phones to Access Forbidden Media

• Linux Nimbuspwn flaws could allow attackers to deploy sophisticated threats

• APT trends report Q1 2022

• Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)

• Secrets Every Laptop Owner Should Know

• What’s happening in the world of personal cyber insurance?

• “Reject All” cookie consent button is coming to European Google Search and YouTube

• Achieving Sustainable Cybersecurity Through Proper Care and Feeding

• Hackers claim to have breached Coca Cola

• Emotet fixes bug in code, resumes spam campaign

• YouTuber Deliberately Crashed Plane For Views, FAA Rules

• Here’s what to look forward to at CARO Workshop 2022

• Coca-Cola Investigates Data Breach Claim

• Are you making this important TikTok error?

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• US pledges $10m for Sandworm information

• Everything You Can Do with iCloud – The Complete Guide

• UK Schools Can Sign-Up to Free Government-Grade Security

• Nimbuspwn Linux Bugs Could Provide Root Access

• Wind Turbine giant Deutsche Windtechnik hit by a professional Cyberattack

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Amazon Faces Union Vote At Second State Island Facility

• US Offers $10m for Russian NotPetya Sandworm Team

• U.S. Offers $10 Million Bounty for Information on 6 Russian Military Hackers

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Attackers remain persistent and indiscriminate as multi-vector DDoS attacks continue to rise

• Chinese drone-maker DJI suspends ops in Russia, Ukraine

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Conti ransomware operations surge despite the recent leak

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Should security teams be giving service with a smile?

• How the Emotet botnet flooded inboxes across Japan

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Study: How Amazon uses Echo smart speaker conversations to target ads

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• How to deal with security challenges fueled by multicloud environments

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Governments under attack must think defensively

• Russia could have hacked the UK Spy agency says MoD

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• The hierarchy of cybersecurity needs: Why EASM is essential to any zero-trust architecture

• NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Keep your digital banking safe: Tips for consumers and banks

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Cyber-attack defense: CIS Benchmarks + CDM + MITRE ATT&CK

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Multi-vector DDoS attacks on the rise, attackers indiscriminate and persistent

• PCI DSS 4.0 is Here: What you Need to Consider

• Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Siloed technology management increases operational blind spots and cyber risk

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Akamai Audience Hijacking Protector defends online businesses against fraud

• Trend Micro One provides visibility and control across the entire attack surface

• eBook: A new breed of endpoint protection

• The trouble with BEC: How to stop the costliest internet scam

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Chainguard Enforce protects organizations from supply chain threats

• ThreatX expands API visibility and protection capabilities to stop complex threats in real-time

• Datto releases two solutions to empower MSPs with continuity for their SMB clients

• Google begins roll out of Play Store data safety section

• DJI temporarily suspends operations in Russia and Ukraine

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Log4j Attack Surface Remains Massive

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Equifax partners with Interos to help customers manage potential supply chain disruptions

• Sequitur Labs and Lenovo join forces to secure AI models at the edge

• EFF to European Court: No Intermediary Liability for Social Media Users

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• HUB Security collaborates with TestArmy to offer cyber solutions for the European market

• How Do I Report My Security Program’s ROI?

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• BigBear.ai hires Carolyn Blankenship as General Counsel

• Eric Jackson joins Fusion Risk Management as CPO

• AWS launches digital twin service

• Tenable Acquires External Attack Surface Management Vendor for $44.5M

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Kaseya opens an office in Poland to expands its global footprint

• Qualcomm appoints Jim Cathey as CCO

• Critical RCE Vulnerability Reported in Google’s VirusTotal

• CISA is helping pave the way to secure IoT systems, FEMA official says

• Questions to ask when hiring former federal workers

• GSA launches new tool to simply the federal buying process

• Cisco Talos observes ‘novel increase’ in APT activity in Q1

• Four Benefits of Software as a Service (SaaS) for Cybersecurity Teams

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• IT Security News Daily Summary 2022-04-26

• Agriculture Department offers grants to improve SNAP

• Practice makes perfect when it comes to recovering from a cyberattack

• US Offers $10 Million in Rewards for Russian Intelligence Officers Behind NotPetya Cyberattacks

• Tenable Shells Out $45 Million to Acquire Bit Discovery

• Data security requires DLP platform convergence

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• DSA Agreement: No Filternet, But Human Rights Concerns Remain

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Who is exploiting VMware right now? Probably Iran’s Rocket Kitten, to name one

• Elon Musk’s Twitter Buy Exposes a Privacy Minefield

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• What are the benefits and challenges of microsegmentation?

• The Ins and Outs of Secure Infrastructure as Code

• Elon Musk’s Twitter Buy Exposes a Privacy Minefield

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• 4 ways to strengthen Azure AD security

• Why data centers call Virginia home

• Defending Your Business Against Russian Cyberwarfare

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Coca-Cola probes pro-Kremlin gang’s claims of 161GB data theft

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• CISA Taps Veteran CISO Bob Lord for Technical Adviser Role

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Ransomware Attacks: Everything You Need to Know

• API Attacks Soar Amid the Growing Application Surface Area

• Iran-linked APT Rocket Kitten exploited VMware bug in recent attacks

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• AUSTRAC Publishes New Guidance on Ransomware and Crypto Crime

• Practical ideas for managing polarization at work

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• BitB- Capture credentials with a fake browser login

• Web Application Security Firm Source Defense Raises $27 Million

• German Wind Turbine Firm Discloses ‘Targeted, Professional Cyberattack’

• Data Breach Disrupts UK Army Recruitment

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• New Scam Utilizing AI-Generated Images to Represent Fake Law Firm

• USA’s plan to decouple its tech with China lacks a strategy – report

• Siloed Tech Prompts Security Worries

• Emotet Tests New TTPs

• Giving Russian Assets to Ukraine—Freezing Is Not Seizing

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

• Cloud Security Alliance Updates Internet of Things (IoT) Controls Matrix with New Incident Management Domain and Enhanced Technical Clarity and Referencing

• 90% of Companies Unprepared for CCPA Compliance, 95% Unprepared for GDPR, Says New Research by CYTRIO

• DevOps release process

• Java Spring vulnerabilities

• Stormous Ransomware targets Coca Cola

• Report: 74% of security leaders say that prevention-first strategies will fail

• Conti Ransomware Activity Surges Despite Exposure of Group’s Operations

• Why Collaboration Is Key To Driving The Future Of Risk Mitigation

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Obama speaks at Stanford University on strengthening our democracy and reforming social media

• Cyber Security Experts Reacted On T-Mobile Breach

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• IT Safety and Security Best Practices for Online Students

• ‘Hack DHS’ program identifies 122 vulnerabilities across networks

• Cybersecurity M&A Activity to Continue; Growth Funding to be More Conservative

• Elon Musk Buys Twitter – Cyber Security Experts Reacted

• Synopsys Named AppSec Testing Leader in the 2022 Gartner® Magic Quadrant™

• Email encryption flexibility builds customer trust and business revenue

• Musk Buys Twitter: Industry Reaction

• Critical RCE Vulnerability in Google’s VirusTotal Platform Let Attackers Scans Capabilities

• DDoS attacks at an all-time-high in Q1 2022, says Kaspersky

• What Does Starlink’s Participation in Ukrainian Defense Reveal About U.S. Space Policy?

• UK Army Recruitment Portal Closed After Data Breach

• 4-Hour Time-to-Ransom Seen in Quantum Attack as Accelerated Ransomware Increasingly Common

• Cyber Conflict Overshadowed a Major Government Ransomware Alert

• EU Warns Elon Musk Over Twitter Moderation Plans

• The Emotet Botnet Is Back, And It Has Some New Tricks To Spread Malware

• The White House Wants More Powers To Crack Down On Rogue Drones

• Intuit Sued Over Alleged Crypto Currency Thefts Via Mailchimp Intrusion

• Bored Ape Yacht Club Instagram Hacked, NFTs Worth Millions Stolen

• Report: 65% of security leaders say they’ve experienced an increase in cyberattacks

• Chainguard releases native software supply chain security tool for Kurbernetes

• SecurityScorecard Launches Cyber Risk Quantification Portfolio

• Introducing Apostro: A Risk Management Platform for Web3 Security

• Darkweb Monitoring

• 9 Ways Social Media Sabotages Your Cybersecurity

• Top Cyber Threats to the Manufacturing Sector

• 5 Data Security Challenges and How to Solve Them

• Hospitals taken offline after cyberattack

• Emotet Testing New Delivery Ideas After Microsoft Disables VBA Macros by Default

• 12 Best Laptops for Teachers & Classrooms 2022 – For Classroom or Education from a Distance

• Source Defense’s unique web app for client-side security attracts $27M

• The White House wants more powers to crack down on rogue drones

• The Emotet botnet is back, and it has some new tricks to spread malware

• Firms Push for CVE-Like Cloud Bug System

• Improvise, Adapt, Overcome: Building Security Resilience in a World of Uncertainty

• Rogue ads phishing for cryptocurrency: Are you secure?

• Cybercriminals Impersonate Government Employees to Spread IRS Tax Frauds

• Jack Dorsey Backs Elon Musk’s Twitter Takeover

• Hive0117 Continues Fileless Malware Delivery in Eastern Europe

• Source Defense raises $27 million for unique web application client-side protection solution

• Nation-state Hackers Target Journalists with Goldbackdoor Malware

• Tractor-Trailer Brake Controllers Vulnerable to Remote Hacker Attacks

• Webinar Today: The Four Stages of Zero Trust Maturity

• CISA adds new Microsoft, Linux, and Jenkins flaws to its Known Exploited Vulnerabilities Catalog

• How Cybersecurity Businesses Are Tackling the Ukraine War: CyberNews Exclusive Interview

• Cyber Reporting: New Legislation Impacts US Banks

• Microsoft fixes Point of Sale bug that delayed Windows 11 startup for 40 minutes

• Atlassian Fixed A Critical Jira Vulnerability Allowing Authentication Bypass

• Inside a ransomware incident: How a single mistake left a door open for attackers

• Organizations Warned of Attacks Exploiting WSO2 Vulnerability

• Top VC Firms in Cybersecurity of 2022

• Meteoric attack deploys Quantum ransomware in mere hours

• Twitter CEO Tells Staff Future Is Uncertain

• Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

• North Korea targets journalists with novel malware

• Meta Begins Appeal Against UK Order To Sell Giphy

• Code Security Firm SonarSource Raises $412 Million at $4.7 Billion Valuation

• Security Teams Should Be Addressing Quantum Cyber-Threats Now

• North Korean Hackers Target Journalists with GOLDBACKDOOR Malware

• Stormous ransomware gang claims to have hacked Coca-Cola

• Two More Indicted Over North Korea Sanctions Evasion Plot

• Bored Ape Yacht Club Customers Lose $3m in NFT Scam

• French Hospitals Cut Internet Connection After Data Raid

• Clarifying Hacking with XSS

• Learn Why Adaptive Shield Provides Ultimate SaaS Security Posture Management

• Researchers Takeover Unpatched 3rd-Party Antivirus Sandboxes via VirusTotal

• Iranian Hackers Exploiting VMware RCE Bug to Deploy ‘Core Impact’ Backdoor

• North Korea-linked APT37 targets journalists with GOLDBACKDOOR

• Fraudsters pass KBA better than genuine customers

• How Cybersecurity Businesses are Tackling the Ukraine War: CyberNews Exclusive Interview

• Bitwarden Password Manager can now generate unique usernames

• India inks tech pact with EU – only the US has the same deal

• Anomaly Six, a US surveillance firm that tracks roughly 3 billion devices in real-time

• Download: CISO’s guide to choosing an automated security questionnaire platform

• Bored Ape Yacht Club Instagram takeover sees around $3 million in NFTs sail away

• Iranian Hackers Exploiting VMware RCE Bug to Deploy ‘Code Impact’ Backdoor

• MFA: A simple solution to protect your identity

• Do you need cyber asset attack surface management (CAASM)?

• Company asks customers to delete credit card info after data breach

• Conti Ransomware gang strikes BlueForce Inc

• Critical Jira Vulnerability Let an Unauthenticated Attacker to Bypass Authentication

• Principles for Kubernetes security and good hygiene

• Manage and monitor third-party identities to protect your organization

• Corporate structure and roles in InfoSec

• Shadow IT is a top concern related to SaaS adoption

• Improve your patching efficiency with Tripwire State Analyzer

• Fraudsters answer security questions better than customers

• Akamai unveils Linode Managed Database to help developers reduce risk and increase efficiency

• Contrast Security provides Red Hat OpenShift users with cloud-native automation

• Red Hat Application Foundations accelerates containerized application development in the cloud

• Logicalis Intelligent Connectivity improves business performances for enterprises

• Crooks steal NFTs worth ‘$3m’ in Bored Ape Yacht Club heist

• File Formats

• 2022-04-25 – Emotet epoch4 activity (LNK files)

• Iranian Hacking Group Among Those Exploiting Recently Disclosed VMWare RCE Flaw

• What the ECDSA Flaw in Java Means for Enterprises

• CyberCube collaborates with URS to provide security solutions for the insurance and reinsurance sectors

• Plaintiffs Press Appeals Court to Rule That FOSTA Violates the First Amendment

• Twitter To Be Sold To Elon Musk For $44 Billion

• DataCore partners with Atempo to help customers protect large volumes of data for long-term retention

• Pixel Watch prototype is left at a bar, gets photographed

• How Elon Musk Won Twitter

• A $3 Billion Silk Road Seizure Will Erase Ross Ulbricht’s Debt

• North Korean State Actors Deploying Novel Malware to Spy on Journalists

• Bored Ape Yacht Club Instagram Hack Leads to $2.8M Theft

• Hacking and Securing Python Applications

• When Security Meets Development: The DevSecOps Conundrum

• Mavenir announces the expansion of European capabilities to support Open RAN end-to-end delivery

• Intuit sued over alleged cryptocurrency thefts via Mailchimp intrusion

• State, local government primed for zero trust

• CISA Adds Seven Known Exploited Vulnerabilities to Catalog

• IT Security News Daily Summary 2022-04-25

• Report: More than 1B IoT attacks in 2021

• Choosing the right mobile tech to enhance first responder workflows

• CISA Adds Seven Known Exploited Vulnerabilities to Catalog

• Trend Micro launches new attack surface management platform

• DOD IG says Army could waste nearly $22 billion on augmented reality headsets

• North Dakota-Based Healthcare Billing Services Group Hacked

• LemonDuck botnet evades detection in cryptomining attacks

• Watch out for this SMS phish promising a tax refund

• VA dinged by watchdog over project management woes

• Cisco Addressed Static SSH Key Flaw In Umbrella VA

• Labor Dept. pilot taps state data for a new look at who is getting UI

• T-Mobile breached in apparent Lapsus$ attack

• Researchers Report Critical RCE Vulnerability in Google’s VirusTotal Platform

• SMS Phishing Attacks are on the Rise

• Twitter Has a New Owner. Here’s What He Should Do.

• Homeland Security bug bounty program uncovers 122 holes in its systems

• Trend Micro launches new attack surface management platform to highlight external-facing assets

• 8 Top Unified Threat Management (UTM) Software & Hardware Vendors

• Mastercard Launches Next-Generation Identity Technology with Microsoft

• Call for Papers: The University of Texas at Austin Announces the 2022 ‘Bobby R. Inman Award’ for Student Scholarship on Intelligence

• Why software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09

• Ukraine Invasion Driving DDoS Attacks to All-Time Highs

• Lapsus$ Hackers Stole T-Mobile’s Source Code and Systems Data

• Iran announced to have foiled massive cyberattacks on public services

• Handle Sensitive Data Securely with Skyflow

• Phishing goes KISS: Don’t let plain and simple messages catch you out!

• Gun Shop Owner Claims He Was Censored By Facebook

• Our Fight To Prevent Patent Suits From Being Shrouded in Secrecy

• Brave and DuckDuckGo Browsers Block Google AMP Tracking

• Lenovo Fixed UEFI Driver Bugs Affecting 100+ Laptop Models

• Serious Android Vulnerability Exposed Stored Media Files To An Adversary

• ICS Exploits Earn Hackers $400,000 at Pwn2Own Miami Hacking Contest

• Next CISO headache: Vendor cyber insurance

• Kansas Hospital Discloses Data Breach

• See New Safety Preparedness Tips to Aid Kids, Families & Communities

• Why Ransomware Response Matters More Than Protection

• The US Saw a Spike in Child Sexual Abuse URLs in 2021

• Can Tape Storage block ransomware attacks

• Solving the Data Problem Within Incident Response

• Malware enables less skilled adversaries to attack industrial control systems

• Webcam hacking: How to know if someone may be spying on you through your webcam

• Former DNC CISO Bob Lord Joins CISA Cybersecurity Division

• CSAM Creator Imprisoned for Life

• Costa Rica Refuses to Pay Cyber Ransom

• The Legacy of the Soviet Afghan War and Its Role in the Ukrainian Invasion

• Russian Leaders Know They’re Committing War Crimes. Their Laws of War Manual Says So.

• Microsoft best practices for managing IoT security concerns

• Flaw could have granted criminals control over Ever Surf crypto wallets

• Criminals exploiting a flaw could have gained control of Ever Surf crypto wallets

• Trend Micro Launches New Security Platform

• Jim Cramer explains why he still likes the work-from-home and cybersecurity sectors

• State TV Says Iran Foiled Cyberattacks on Public Services

• Security resilience from the classroom to the cloud

• Hackers Use Malicious Google Ads To Steal $4 Million In Stablecoin

• Hackers Are Exploiting Zero Days More Than Ever

• FBI Says BlackCat Ransomware Scratched 60+ Orgs

• Why our software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09

• HCL Software ranked as a leader in application security testing

• Web3 startup Internxt, valued at $40M aims to compete with Google Drive

• QR Code Security: How Your Business Can Use Them Responsibly

• Brazil sees improvement in data breaches

• Hack DHS: Homeland Security’s first bug bounty turns up 122 vulnerabilities

• Overlapping ICS/OT Mandates Distract From Threat Detection and Response

• 10 Best Laptops for Revit to Buy 2022 – Perfect for Architectural

• Apple’s child safety features are coming to a Messages app near you

• Lapsus$ Hackers Target T-Mobile

• Why MITRE matters to SMBs

• The State of SaaS

• Crooks Spoofing Credit Unions to Steal Funds and Login Credentials

• T-Mobile Reveals its Security Systems were Hacked via Lapsus$ Hackers

• FBI: This ransomware written in the Rust programming language has hit at least 60 targets

• This sneaky phishing attack tries to steal your Facebook password

• Atlassian Patches Critical Authentication Bypass Vulnerability in Jira

• Binance Recovers Over $5.8M From Axie Infinity Bridge Attack

• CLOUD: A SHAKESPEAREAN DRAMA?

• Critical infrastructure organizations in the USA on high alert for cyber attacks

• ‘Hack DHS’ Participants Awarded $125,000 for Over 100 Vulnerabilities

• Universities lose over £2m to ransomware

• Cybersecurity Threats and Trends 2022

• Top 8 Personal Cyber Security Tips

• Critical Bug in Everscale Wallet Could’ve Let Attackers Steal Cryptocurrencies

• A week in security (April 18 – 24)

• Israeli Private Eye Pleads Guilty In Wirecard Hacking Case

• Lapsus$ Hackers Gained Access to T-Mobile Systems, Source Code

• Congress Republicans Ask Twitter To Conserve Musk Bid Records

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 18, 2022

• Spanish Ombudsman to Probe Pegasus Spyware Claims

• New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices

• DDoS attacks in Q1 2022

• CNN Shuts Down Streaming Service One Month After Launch

• Tesla Profits Hit New High In Spite Of Price Hikes

• Critical Android Bug Let Attackers to Access Users’ Media and Audio Conversations

• Hackers Sending Poisoned Resumes to steal Credentials and Bank Details

• FCA: Challenger Banks Failing to Spot Money Launderers

• Ransomware Attacks Cost Universities Over £2m

• FBI sounds alarm on BlackCat ransomware

• BlackCat Ransomware gang breached over 60 orgs worldwide

• Honda To Develop Three New Electric Vehicle Platforms

• Twitter Works With Stripe On Crypto Payments Trial

• Experts warn of a surge in zero-day flaws observed and exploited in 2021

• Japan Aims To Ramp EV Battery Production Amidst Stiff Competition

• Newest State Data Privacy Legislation | Avast

• Journey Into The Metaverse | Avast

• FBI: BlackCat ransomware scratched 60-plus orgs

• Network attacks increased to a 3-year high

• Prevent HEAT attacks to foil ransomware incidents

• How to avoid compliance leader burnout

• WAWA retail store questions MasterCard over data breach penalties

• Apple Audio Code has severe vulnerabilities affecting millions of smart phone devices

• FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide

• Is cybersecurity talent shortage a myth?

• Medical device cybersecurity: What to expect in 2022?

• WINNING TACTICS FOR SECURITY AWARENESS INNOVATIONS via EXPERIENCE (2 of 2)

• 41% of businesses had an API security incident last year

• Threat Intelligence in the SOC- How can it help mitigate risks?

• Phishing attacks soar, retail and wholesale most targeted

• BreachBits BreachRisk helps organizations to understand and measure cyber risk

• Alert Logic Intelligent Response minimizes the impact of a security breach

• How to better manage your digital attack surface risk

• IT Security News Weekly Summary – Week 16

• IT Security News Daily Summary 2022-04-24

• Sensitive Data: Securing Your Most Important Asset

• Spain Vows to be Transparent in Probe of Pegasus Spyware Use

• New iPhone Zero-Click Bug Exploited In Pegasus Attacks Against Catalans

• Watch Out For This Fake Windows 11 Upgrade Lure

• AWS, and Alibaba Cloud was Attacked by Crypto Miners

• Docker Servers Targeted by LemonDuck Cryptomining Campaign

• How Emerging Technology Is Breaking Arms Control

• The Metaverse Is Coming

• Atlassian addresses a critical Jira authentication bypass flaw

• Cybersecurity and Other Top Risk Factors in 2022

• The Security Vulnerabilities Facing Remote Workforces

• Since declaring cyber war on Russia Anonymous leaked 5.8 TB of Russian data

• Phishing Attacks grew by 29% in 2021 overall. Smishing is on the rise

• Apr 17 – Apr 23 Ukraine – Russia the silent cyber conflict

• Security Affairs newsletter Round 362 by Pierluigi Paganini

• Week in review: Outdated open source, the role of the lawyer in cybersecurity

• How Do You Become an Expert in Mergers and Acquisitions

• Most Important Web Application Pentesting Tools & Resources – 2022

• Emotet Malware: Shut Down Last Year, Now Showing a Strong Resurgence

• We Stand with All of You

• CoreStack partners with Zeblok Computational to enable secure deployment of AI for multiple industries

• PTC and ITC Infotech expand partnership to accelerate customer digital transformation initiatives

• IT Security News Daily Summary 2022-04-23

• [Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis

• T-Mobile confirms Lapsus$ had access its systems

• Dangerous malware is up 86%: Here’s how AI can help

• Are you using Java 15/16/17 or 18 in production? Patch them now!

• To Reliably Govern Multi-Cloud Workloads, IT Leaders Demand Better Security Insights

• FBI Issues Warning as BlackCat Ransomware Targets More Than 60 Organizations Worldwide

• What Does Volunteering at (ISC)² Mean? Hear From Volunteer Lisa Vaughan

• Critical Chipset Flaws Enable Remote Spying on Millions of Android Devices

• Pwn2Own – Hackers earn $400K for 26 zero-day Exploits

• Veracode Named a Leader in the 2022 Gartner® Magic Quadrant™ for Application Security Testing for Ninth Consecutive Time

• BreachBits Announces BreachRisk, The New Standard in Cyber Risk Scoring

• SOC Prime Appoints Industry Veteran To Grow Worldwide Sales

• Gartner Announces Gartner Security & Risk Management Summit 2022

• What Do You Mean My Email Isn’t Free?

• Cyberattack Causes Chaos in Costa Rica Government Systems

• Phishing attacks using the topic “Azovstal” targets entities in Ukraine

• Now Mandiant says 2021 was a record year for exploited zero-day security bugs

• T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code

• Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

• Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe

• D2iQ Kubernetes Platform enhancements accelerate mission-critical production deployments

• Amazon Aurora Serverless v2 removes the complexity of managing database capacity

• Neustar Security Service integrates with Terraform to help customers manage DNS strategy

• How to protect AI from cyberattacks – start with the data

• CertiK raises $60 million to address the growing demand for Web3 security

• Skyflow collaborates with Plaid to enhance fintech ecosystem security

• Many Medical Device Makers Skimp on Security Practices

• Conti ransomware claims responsibility for the attack on Costa Rica

• Top 8 Cyber Insurance Companies for 2022

• Cryptomining Overview for DevOps

• Cybersecurity for a More Sustainable Future

• Michigan, National Park Service to test mobility tech in local national parks

• Get ready for the metaverse

• Defense against the dark arts: CISOs prep for critical infrastructure attacks

• IT Security News Daily Summary 2022-04-22

• Unethical vulnerability disclosures ‘a disgrace to our field’

• An introduction to binary diffing for ethical hackers

• US DOJ probes Google’s $5.4b Mandiant acquisition

• Sophos Buys Alert-Monitoring Automation Vendor

• 5 reasons the U.S. could lose its quantum leadership

• Report: Facebook Posts Casting Doubt On Alleged War Crimes Shared 208,000 times In One Week

• FBI Warns Ransomware Attacks on Agriculture Co-ops Could Upend Food Supply Chain

• Neustar Security Services’ UltraDNS Integrates Terraform for Streamlined, Automated DNS Management

• Best backup software (2022)

• LemonDuck Cryptomining Botnet Hunting for Misconfigured Docker APIs

• GSA plans to publish zero trust playbooks

• AI is already learning from Russia’s war in Ukraine, DOD says

• Early Discovery of Pipedream Malware a Success Story for Industrial Security

• 12 Women in Cybersecurity Who Are Reshaping the Industry

• Report: Orgs spend 3,850 hours annually cleaning up email-based cyberattacks

• GSA plans to publish a zero trust playbooks

• Russian cyberattack could capitalize on election doubts

• China’s NFT Plans Are a Recipe for the Government’s Digital Control

• DISA is gearing up for the ‘technician of the future’

• FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware

• Google Researchers: ‘Zero-Day’ Hacks Hit Record in 2021

• Cyware is Changing the Cybersecurity Landscape

• The push toward climate-friendly grid security and resilience

• Strike Security Scores Funding for ‘Perpetual Pentesting’ for SMBs

• FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware

• ZingoStealer – A Potent Infostealer, CryptoStealer, And Malware Dropper

• Multi-Cluster Kubernetes Management and Access

• Wawa Sues Mastercard Over Data Breach Penalties

• Security software companies are going to be steady if we go into a recession, says ACME’s Hany Nada

• Hive ransomware affiliate zeros in on Exchange servers

• SuperCare Health Faces Lawsuits Over Data Breach

• YES Launches Free Cybersecurity Training Program

• CyberUSA, and Superus Careers Launch Cyber Career Exchange Platform

• PerimeterX Code Defender Extends Capability To Stop Supply Chain Attacks

• Forescout Enhances Continuum Platform With New OT Capabilities

• Contrast Security Introduces Cloud-Native Automation

• Bitdefender Enhances Premium VPN Service With New Privacy Protection Technologies

• Microsoft announces new collaboration with Red Button for attack simulation testing

• In 2021, the UK Government was Plagued by Hundreds of Spam Emails

• Nigeria blocks 73 million mobile numbers for security reasons

• When Attacks Surge, Turn to Data to Strengthen Detection and Response

• QNAP warns of new bugs in its Network Attached Storage devices

• Bolstering Security Standards: How A Consolidated IT Infrastructure Can Arm Businesses Against Cyber-Criminals

• Government Cloud On-Ramping

• Cyber Insurance and the Changing Global Risk Environment

• Proactive 5G Cybersecurity Strategy Enables Sustainable Growth

• New FedRAMP Authorization Secures IoT Devices for Federal Agencies

• MS Exchange Servers Found Deploying Hive Ransomware

• 5 Cybersecurity Trends and Mitigation Strategies for CISOs

• Musk In Talks With Thoma Bravo Over Joint Twitter Bid – Report

• Creating Cyberattack Resilience in Modern Education Environments

• A stored XSS flaw in RainLoop allows stealing users’ emails

• Water Wars: AUKUS Goes Hypersonic

• Apple To Scan Children Messages In UK For Nudity

• XSS Prevention Cheatsheet

• Motorola Launches Cyber Threat Information Sharing Hub for Public Safety

• How Companies Can Protect the Country from Acts Of Cyberwarfare

• Is Microsoft really going to cut off security updates for my “unsupported” Windows 11 PC? [Ask ZDNet]

• Ransomware attacks are hitting universities hard, and they are feeling the pressure

• Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

• Several Critical Vulnerabilities Affect SmartPPT, SmartICS Industrial Products

• Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries

• International Intelligence Agency Warns Of Russian Cyber Attacks

• Android security: Flaw in an audio codec left two-thirds of smartphones at risk of snooping, say researchers

• Zero-Trust For All: A Practical Guide

• Researcher Releases PoC for Recent Java Cryptographic Vulnerability

• QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS

• Toshiba Says It Will Seek Buyout Offers

• GitLab vs GitHub: Which is right for you?

• Skeletons in the Closet: Security 101 Takes a Backseat to 0-days

• Audio Codec Made by Apple Introduced Serious Vulnerabilities in Millions of Android Phones

• VMware’s Head of Cybersecurity Strategy Discusses Modern Bank Heists

• Unpatched Vulnerability Allows Hackers to Steal Emails of RainLoop Users

• Infosecurity Europe Announces Live Training Courses for this Year’s Event

• A $3 Billion Silk Road Seizure Will Erase Ross Ulbricht’s Debt

• 7 Ransomware Protection Tips to Help You Secure Data in 2022

• LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave

• The new Elastic CEO puts cloud front and center

• North Korea funding nuclear program with cyber campaigns

• FBI warns US farmers of ransomware attacks

• Issue in digital COVID-19 test could have allowed individuals to falsify results

• Microsoft Defender’s protective capabilities suffer offline

• FBI Warns US Farmers of Ransomware Surge

• State Actors Drive Record Number of Zero-Day Exploits in 2021

• Watch Out! Cryptocurrency Miners Targeting Dockers, AWS and Alibaba Cloud

• Remote Work Makes it More Important Than Ever to Trust Zero Trust

• Building the CASE for the Vehicle Security Operations Center

• Crypto-Mining Botnet Goes After Misconfigured Docker APIs

• Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

• Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

• Cisco Releases Security Updates for Multiple Products

• Drupal Releases Security Updates

• Hive Ransomware Affiliate Attacking Microsoft Exchange Servers vulnerable to ProxyShell Flaw

• QNAP Advises Users to Update NAS Firmware to Patch Apache HTTP Vulnerabilities

• Pwn2Own Miami hacking contest awarded $400,000 for 26 unique ICS exploits

• New infosec products of the week: April 22, 2022

• Quantum Cybersecurity: Addressing the Boogeyman in the Room

• JekyllBot:5 Threatens Hospital Robots | Avast

• Weekly Update 292

• Lemon_Duck cryptomining botnet targets Docker servers

• 4 Tips To Boost Your Security Posture

• REvil resurrected? Ransomware crew appears to be back. Keyword: Appears

• FBI issues ransomware alert to the agriculture sector in the United States

Generated on 2022-05-01 00:02:30.966632