IT Security News Weekly Summary – Week 13

• IT Security News Daily Summary 2021-04-04

• YARA and CyberChef: ZIP, (Sun, Apr 4th)

• Alleged iPhone 13 Pro Mockup Shows Smaller Notch, Repositioned Earpiece and Front Camera

• Ubiquiti All But Confirms Breach Response Iniquity

• CERIAS – Levi Lloyd’s ‘Securing The Software Supply Chain’

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 323’

• CERIAS – Caroline Wong’s ‘Security Industry Context’

• Adobe Illustrator Now Available for Apple Silicon in Beta

• Top Tips for Securing Your Linux System in 2021>

• 533 Million Facebook Users’ Phone Numbers And Personal Data Leaked Online

• NIST Releases Draft Guidance on Election Cybersecurity

• Hackers Tap Into Home Security Cameras, Record Sex Tapes Too Sell Online

• Video: YARA and CyberChef, (Sat, Apr 3rd)

• The International Far-Right Terrorist Threat Requires a Multilateral Response

• Malware attack on Applus blocked vehicle inspections in some US states

• Goodbye Cryptocurrencies: Number of ‘Dead’ Coins Increased by 35% Over Last Year

• Security Affairs newsletter Round 308

• How cloud architectures defend against the cyber attack surge

• Tala Research Shows that European Telecommunication Websites Expose Sensitive Customer Data

• The UK Is Trying to Stop Facebook’s End-to-End Encryption

• Clop Ransomware operators plunder US universities

• Data leak of over 533 million Facebook users

• Attackers found abusing GitHub Infrastructure to Mine Cryptocurrency

• 533 Million Facebook Users’ Phone Numbers and Personal Data Leaked Online

• Attackers Targeted Robinhood with a Phishing Campaign

• Week in review: PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Penetration testing

• Russian hackers suspected of stealing thousands of US State Department emails

• Google’s Pixel & Apple’s iPhone Track & Transmit Telemetry Data, Despite The User Explicitly Opting Out – New Report

• Facebook – 2,529,621 breached accounts

• Facebook data of 500M+ users from 106 countries leaked online

• IBM bets homomorphic encryption is ready to deliver stronger data security for early adopters

• Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities

• New wave of App Store rejections suggests iOS 14.5, new iPad may be imminent

• Feds say man broke into public water system and shut down safety processes

• 533 million Facebook users’ phone numbers and personal data have been leaked online

• NEC to provide facial recognition system for check-in, boarding process at Narita and Haneda airports

• IT Security News Daily Summary 2021-04-03

• CERIAS – Adwait Nadkarni’s ‘Building Practical Security Systems For The Post-App Smart Home’

• XKCD ‘Checkbox’

• Facebookery: 533 million Facebook PII Leaked

• CERIAS – Scott Shackelford’s ‘The Internet of Things: What Everyone Needs To Know’

• Data of 533 million Facebook users leaked in a hacking forum for free

• Credible Leaker Says New iMac to Feature ‘Really Big’ Display Larger Than Current 27-inch Model

• Facebook data on 533 million users posted online

• Credible Leaker Says New iMac to Feature “Really Big” Display Larger Than Current 27-inch Model

• Capital One discovered more customers’ SSNs exposed in 2019 hack

• Data, Data, and more Data!!!

• Security News in Review: Google’s Project Zero Shuts Down Counterterrorist Hacking Team; Enterprises See Rise in Firmware Attacks

• Protect Your Android Phones from Android ‘System Update’ Malware

• Cops Take Down the ‘World’s Biggest’ Video Game Cheat Ring

• Top Stories: WWDC 2021 Announced, iPhone SE Rumors, ‘Cheese Grater’ iPhone Design?

• Centre of Attraction for Scammers : NFTs

• Hacker Hacks Underground Covid Vaccine Market On Dark Web

• Mackenzie Scott Scam: Fraudsters asking Fake Donations in Billionaire’s name

• Russian Law Requires Smart Devices To Come Pre-Installed With Domestic Software

• Activision warns of Call of Duty Cheat tool used to deliver RAT

• US lawmakers Press Online Ad Auctioneers Over User Data

• Ubiquiti has been Covering up a Data Breach

• Attackers are abusing GitHub infrastructure to mine cryptocurrency

• Google to Limit Which Apps Can See Other Installed Apps on Android Devices, Evoking Similar Privacy Changes Apple Made in iOS 9

• Tim Cook Responds to Facebook Criticism of iOS App Tracking Transparency Changes, Says It’s ‘Hard To Argue Against’ Privacy

• Evolution and rise of the Avaddon Ransomware-as-a-Service

• ‘Build’ or ‘Buy’ your own antivirus product

• Google limits which apps can access the list of installed apps on your device

• How Cyrebro Can Unify Multiple Cybersecurity Defenses to Optimize Protection

• Ransomware Attack Has Infected IT Systems at Schools Across London

• Week in security with Tony Anscombe

• Biden taps DIU head for top Pentagon acquisition post

• Myanmar’s Internet Shutdown Is an Act of ‘Vast Self-Harm’

• Apple Adds New SVP of Hardware Engineering John Ternus to Leadership Site

• QNAP caught napping as disclosure delay expires, critical NAS bugs revealed

• CERIAS – The Shoulders of InfoSec – Jack Daniel

• Save Time & Money With Automated Password Resets

• BBC Claims Americans Think of Presidents as Demigods

• Software Composition Analysis: Developers’ Security Silver Bullet

• FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

• Friday Squid Blogging: 500-Million-Year-Old Cephalopod

• IT Security News Daily Summary 2021-04-02

• 10 Most Innovative Information Security Companies at RSA Conference 2020 (USA)

• CISA, FBI warn of hacking threat against Fortinet product

• FirstNet public safety cellular network adds 5G and data encryption

• Inside the Ransomware Campaigns Targeting Exchange Servers

• Check Point Software and HashiCorp partner to help organizations automate firewall operations while maintaining security posture and compliance.

• DARPA aims to find out how good quantum computers really are

• Army shifts AR into high gear with $22B contract for customized HoloLens goggles

• How private DoH can help protect data for remote workers

• FBI: APTs Actively Exploiting Fortinet VPN Security Holes

• Vaccination data poses data management challenges for firms

• Follow the money: members of drug trafficking network arrested for money laundering in Germany and Luxembourg

• Hungarian authorities break up €8 million VAT fraud scheme

• Man Indicted In Kansas Water Facility Breach

• Hackers Demand $40M in Ransom From Florida School District

• Apple Stops Signing iOS 14.4.1 After Releasing iOS 14.4.2 With Fix for Actively Exploited Security Vulnerability

• DOD should update emergency response plans to accommodate telework, IG says

• Best cyber insurance 2021

• Call of Duty Cheats Expose Gamers to Malware, Takeover

• Water Supply Hacks Are a Serious Threat—and Only Getting Worse

• Why Charity Water Wells May Be Worse For Women Than Long Walks With Cans

• TIM’s Red Team Research (RTR) team found 5 zero-day flaws in the CA eHealth Performance Manager product

• Deals: Get Nomad’s Base Station Pro Wireless Charger for 50% Off ($99.98)

• MacRumors Giveaway: Win a Luna Display Adapter to Turn Your iPad or Mac Into an Extra Screen

• Testing the Oppo Find X3 Pro’s Microscope Camera Lens

• Maine Should Take this Chance to Defund the Local Intelligence Fusion Center

• What We Can Learn About Backdoor Attacks From WordPress

• SSA under pressure to reopen Trump-era union contract

• Best practices for VPN traffic monitoring

• Poll: Facebook Is Widely Mistrusted, Even Compared To Other Tech Giants

• FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities

• XKCD ‘Ingenuity’

• Tens of thousands of QNAP SOHO NAS devices affected by unpatched RCEs

• Deals: Apple Accessory Sales Mark Down Magic Keyboards ($100 Off), MagSafe Charger ($5 Off), and More

• Spotify iOS App Reveals Hints of ‘Car Thing,’ Podcast Paid Subscriptions and Comments

• Most Reliable Hosting Company Sites in March 2021

• From PowerShell to Payload: An Analysis of Weaponized Malware

• Intelligence Analyst Fed Secrets to Reporter

• The Threat to the Water Supply Is Real—and Only Getting Worse

• Endpoint Management and Its Evolving Role in IT

• A Risk Management Wake-Up Call

• Bsides Seattle 2020 – Luka Trbojevic’ ‘Anti-Checklist Culture: Building Useful Security Compliance’

• Conti Ransomware targets Florida’s largest school district

• Cisco Live 2021: New Webex features, as-a-service offerings, improved security and no passwords

• SecureDrop Workstation Gets Post-Audit Security Refresh

• Troll Fined $81 After Victim Kills Herself

• Russia has created a new data transmission device with protection against cyber threats

• Hackers Attack Users With Malware Using Underground Call Centres

• FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities

• VMware Releases Security Update

• Canada’s Defense Strategy Falls Behind in the Quantum Age

• What Is a Cybersecurity Legal Practice?

• Spot Ocean offers scalability and cost savings for NetApp IT

• Hackers Setup Fake Cyber Security firm to Target InfoSec Experts

• The DeanBeat: Chasing away the cheaters in Call of Duty: Warzone

• Microsoft Suffers Second Outage in Two Weeks

• Cybercrimial are Using Twitter as a Doorway to Target Indonesian Banks

• US Tech Dominance Rides on Securing Intellectual Property

• Simplifying Microservices Debugging with Thundra Sidekick

• Conti Ransomware gang demanded $40 million ransom to Broward County Public Schools

• Intel MacBook Pro Owner Adds Water Cooling to Silence Noisy Fans and Boost Performance

• New NCSC Chief Issues Cybersecurity Warning to Companies

• What Is ITSM Software and How Does It Work?

• APT Attack: Everything You Need to Know to Keep Your Company Safe

• Web Application Pentesting with Manual SQL Injection – Integer Based

• Robinhood Warns Customers of Tax-Season Phishing Scams

• DeepDotWeb Dark Web Admin Pleads Guilty To Drug, Gun Kickbacks

• Feds Indict Kansas Man For Allegedly Hacking Into Water Supply

• Legacy QNAP NAS Devices Vulnerable To Zero-Day Attack

• Dutch Watchdog Fines Booking.com 475,000 Euros For Keeping Customer Data Theft Quiet

• Exclusive Deals: Casely Offers MacRumors Readers 30% Off Sitewide on iPhone and AirPods Cases

• iPhone Users Spent Average of $138 on Apps Last Year

• An Overview of Traditional Email Security Solutions and How to Enhance Them

• LG Likely To Exit Smartphone Market – Report

• Nine Critical Flaws in FactoryTalk Product Pose Serious Risk to Industrial Firms

• Financial Sector Remains Most Targeted by Threat Actors: IBM

• Airlift Express Fixes Vulnerabilities in Its E-commerce Store

• Apple Arcade Adds 30 Classic Games Including ‘Fruit Ninja’ and ‘Cut the Rope Remastered’

• Apple Details Carbon Neutral Progress, Announces Energy Storage Project

• US Department of Justice Warns of COVID-19 Vaccine Survey Scams

• CISA Orders Action Against Exchange Vulnerabilities

• Malware Hidden in Call of Duty Cheating Software

• Microsoft 365 Restored After Outage

• A Guide To NFTs | Avast

• Trustwave Uncovers Vulnerability in Popular Website CMS

• DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5

• All 20 Apple Stores in France to Close Again Under Third Lockdown

• New ‘BazarCall’ Malware Uses Call Centers to Trick its Victims into Infecting Themselves

• Hackers Use Vaccine Surveys to Steal Personal Information

• Booking.com Fined €475,000 For Late Data Breach Reporting

• New US CISO appointments, March 2021

• Quick Hits

• FCW Insider: April 2, 2021

• Kansas Man Could Serve 25 Years in Prison for Hacking Local Water System

• Hackers use BazarCall Malware to Infect Victims

• Dutch Privacy Watchdog fines Booking.com €475K

• Telemetry Data is Being Shared by Google and Apple Despite the user Explicitly Opting out

• Browser lockers: extortion disguised as a fine

• Italian Menswear Brand Loses Corp Data in Ransomware Attack – Expert Comments

• Decrypting Cryptocurrencies

• Cybersecurity Firm ReliaQuest Announces New Senior Appointments

• Weekly Update 237

• ‘Fantasian,’ by Creator of Final Fantasy, Now Available on Apple Arcade

• Leak Allegedly Shows New Spring Color Options for iPhone 12 MagSafe Cases

• Understanding and Preventing S3 Leaks

• Don’t Let the Fox Watch the Henhouse: Securing Firmware

• Man indicted for tampering with public water system in Kansas

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• Massive Cyber Attack on F5 Systems and University of California

• Cyber Attack on Inter Parliamentary Alliance on China

• SolarWinds Hackers Accessed Emails of US Department of Homeland Security (DHS) Officials

• Leaky Apps Heighten Supply Chain Risk

• C2 Activity: Sandboxes or Real Victims?, (Fri, Apr 2nd)

• Is your dishwasher trying to kill you?

• Menlo Security Celebrates Winners of First Annual APAC Partner of the Year Awards

• New infosec products of the week: April 2, 2021

• Death, taxes, and hacks: How to prevent cyberattacks during tax season

• Ethos Capital Is Grabbing Power Over Domain Names Again, Risking Censorship-For-Profit. Will ICANN Intervene?

• The Latest LogRhythm Employee Initiatives

• Encrypted method that measures encounters could slow down or prevent future pandemics

• 5 key cybersecurity risks in 2021, and how to address them now

• ISC Stormcast For Friday, April 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7440, (Fri, Apr 2nd)

• The authentication and brand protection market to reach $3.7 billion by 2026

• Mobile providers exposing sensitive data to leakage and theft

• 2021-04-01 – Quick post: IcedID (Bokbot) activity

• Large Florida School District Hit by Ransomware Attack

• US Looks to Keep Critical Sectors Safe From Cyberattacks

• Platform9 Managed Kubernetes with IPv6 support optimizes 5G service delivery

• Cisco Webex enhances People Insights feature to ensure privacy and security in a hybrid workplace

• Inseego Wavemaker PRO FX2000e provides flexible 5G broadband with ethernet and Wi-Fi 6 connectivity

• Cisco helps service providers and web scale companies offer a more accessible internet

• DTEX InTERCEPT delivers advanced UAM and workforce behavioral awareness capabilities

• Acronis Cyber Protect Cloud enables MSPs to offer cyber protection services on more endpoints

• Content Moderation Is A Losing Battle. Infrastructure Companies Should Refuse to Join the Fight

• Krebs cautions on push for national cyber director

• Criminals send out fake “census form” reminder – don’t fall for it!

• Apple Now Rejecting App Updates That Defy iOS 14.5 App Tracking Transparency Rules

• Entrust integrates its nShield HSMs with Microsoft Double Key Encryption

• Elliptic Labs partners with Cadence to optimize ML algorithms on Cadence Tensilica HiFi DSPs

• FedHIVE secures FedRAMP authorization for its IaaS and PaaS capabilities

• Ericsson Open Lab focuses on innovating virtualized 5G RAN technologies

• Enterprises Remain Riddled With Overprivileged Users — and Attackers Know It

• The Guide to Presenting Information Security’s Business Value

• It’s Time for a New Policy on Confucius Institutes

• Wipro acquires Ampion to deliver combined portfolio of transformation offerings

• CloudBlue acquires Harmony Business Systems to accelerate transformation for MSPs

• DeepDotWeb admin pleads guilty to money laundering, kickbacks

• What’s changed for state CIOs during the pandemic

• DHS to launch cyber sprints

• Pandemic accelerated rise of smart cities

• The FCC Wants Your Broadband Horror Stories: You Know What to Do

• IT Security News Daily Summary 2021-04-01

• Mandatory review of DOD’s compliance on CMMC is delayed

• 80% of Global Enterprises Report Firmware Cyberattacks

• New KrebsOnSecurity Mobile-Friendly Site

• 7 Security Strategies as Employees Return to the Office

• Breaking Down the Latest O365 Phishing Techniques

• What’s Covered Under Cyber Risk Insurance

• Android “System Update” malware steals photos, videos, GPS location

• What are the future prospects of a Cloud architect?

• Could 2022 see the end of OCO?

• Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack

• Kansas Man Charged with Tampering with Public Water System

• Unpatched RCE Flaws Affect Tens of Thousands of QNAP SOHO NAS Devices

• DHS Gives Federal Agencies 5 Days to Identify Vulnerable MS Exchange Servers

• Facebook Is Giving Users More Control Over Their News Feed, Comments, And More

• Kansas Man Indicted for Hacking, Tampering With Water Utility System

• On #DFIR Analysis

• LNK Files, Again

• Bsides Seattle 2020 – Annybell Villarroel’s ‘Trust: From Zero to Hero’

• VMware fixes authentication bypass in Carbon Black Cloud Workload appliance

• BrandPost: It’s Time to Take a Fresh Approach to Combat Phishing

• What Does the Future of DDoS Attacks Look Like?

• Ragnarok Ransomware Hits Boggi Milano Menswear

• How financial cybercrime targets shifted in 2020

• Molson Coors Cyberattack, Storms Could Cost Company $140 Million

• After Hack, Officials Draw Attention to Supply Chain Threats

• CISA: U.S. agencies must scan for Exchange Server attacks

• 5 endpoint security best practices to keep company data safe

• ACLU Files AI FOIA Request

• NIST Publishes Guide for Securing Hotel Property Management Systems

• New Research: Fileless Malware Attacks Surge by 900% and Cryptominers Make a Comeback, While Ransomware Attacks Decline

• Shifting left: Davie Street Enterprises implements DevSecOps

• Apple Support App Gains Updated Coverage Details, Reservation Reminders and New App Clip

• Duo’s Passwordless Authentication is Coming!

• Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

• BlueVoyant optimizes customer security with Microsoft security services

• Are Cloud Solutions More Secure?

• How to manage VDI in the cloud

• DoJ charges man for hacking, tempering with public water facility

• 5 basic steps for effective cloud network security

• Forensic Audit of MobiKwik Ordered

• Major AirPods Max Restock Includes Four Colors Available to Ship Today

• Tim Cook in Memo to Employees: ‘There Has Never Been a Moment of Such Great Potential As This One’

• Next iPhone SE to Feature 4.7-Inch Display, 2023 Version to Have Hole Punch Full Screen Design

• How to Fix the Financial Gymnastics of Police Misconduct Settlements

• How Microsoft Is Working To Confront Firmware Threats? Experts Weigh In

• Tenth Circuit Misses Opportunity to Affirm the First Amendment Right to Record the Police

• Fintech Executive Bjorn Ovick Joins Skyflow to Grow Payments Data Vault Business

• How to ensure security and trust in connected cars

• Endpoint Security: Helping to realize the benefits of SASE

• “A41APT” Campaign Dropping Sophisticated Loader

• Federal Agencies Given Deadline to Look For Compromised Exchange Servers

• Ubiquiti Breach More Serious Than Previously Announced

• Kansas Man Charged For Hacking Water Utility

• Arm’s confidential computing uses hardware to ensure security

• TruU Named Newest Competitor in the 2021 ‘ASTORS’ Awards Program

• Building a Fortress: 3 Key Strategies for Optimized IT Security

• WordPress Websites Infected with Malware Via Fake jQuery Files

• Solving the Leadership Buy-In Impasse With Data

• CSA Survey Suggests Cloud Security Is Improving

• Whistle-blower Claims Ubiquiti Networks Data Breach Was ‘catastrophic’

• The Australian Inter-parliamentary Alliance On China’s Website Suffers Cyber-attack

• Relax. Internet password books are OK

• Dutch watchdog fines Booking.com €475k after it kept customer data thefts quiet for more than 3 weeks

• Wipro to acquire Australia-based Cybersecurity firm Ampion for $117 million

• DuckDuckGo Offers Privacy Better Than Just Browser Tracking Protection

• CMA Deepens Probe Of Facebook Giphy Deal, After No Concessions

• How to use the new HTTPS-Only mode in Firefox

• DHS: Ransomware poses a national security threat

• DeepDotWeb Administrator Admits Darknet Conspiracy

• How to Build a Resilient IoT Framework

• YouTube Has a Disturbingly Creepy Minecraft Problem

• Ubiquiti Accused of Lying to Help Stock Price

• DeepDotWeb admin pleads guilty to money laundering conspiracy

• TSMC Pledges $100 Billion Over Three Years, For ‘Advanced’ Chip Making

• Gamers targeted in new malware attack with games cheat codes

• Google: North Korean APT Gearing Up to Target Security Researchers Again

• Ubiquiti Shares Dive After Reportedly Downplaying ‘Catastrophic’ Data Breach

• Cyberextortion Threat Evolves as Clop Ransomware Attacked 6 U.S Universities Data Security

• Medical Professionals of U.S. and Israel Targeted in a ‘BadBlood’ Phishing Campaign

• AppSec with LolCats: Click2Cat – the Security Extension to Veracode You Didn’t Realize You Needed

• The Hidden Cost of A 500 Internal Server Error

• Salt Security Joins the MuleSoft Technology Partner Program, Delivering API Security with Frictionless Integration

• Vulcan Cyber Remediation Orchestration Now Available from the CrowdStrike Store

• VMware fixed flaws in vROps that can be chained to compromise organizations

• Fugitive Identified on YouTube By His Distinctive Tattoos

• The Business of Fraud: Fraud Tutorials and Courses

• Microsoft To Sell Augmented Reality Goggles To Army

• North Korean Hackers Return Targeting Infosec Researchers

• Fraud Ring Launders Money Via Fake Charity Donation

• Activision Reveals Malware Disguised As Call Of Duty: Warzone Cheats

• Today Marks the 45th Anniversary of Apple’s Founding

• The Lazarus Group Targeted Cybersecurity Researchers Again, Google Says

• Microsoft Kills Cortana iOS, Android App

• Cloud-Native Security 101

• COVID-19 and HIPAA Enforcement Discretion Leaves Healthcare Organizations Vulnerable to Ransomware Attacks

• Open banking is big. Here’s why open finance is bigger.

• Federal agencies given five days to find hacked Exchange servers

• Administrator of Dark Web Portal Pleads Guilty to Money Laundering

• US Based, Ubiquiti Inc. covers up a Catastrophic Data Breach, Claims a Whistle-blower

• Shell’s Employees’ Visas Dumped Online as part of Extortion Attempt

• The Role of Visibility in Securing Cloud Applications

• What Is IPAM in Networking and Cybersecurity?

• Fileless Malware Attacks Surge by 900% and Cryptominers Make a Comeback

• Airlift Patched OTP Vulnerability Allowing Airlift Express Account Takeovers

• How to develop an MVP for a cybersecurity app?

• A Call to Action: Recent PHP Hack Highlights the Need for Better Security>

• IBM Named a Strong Performer in The Forrester Wave™: External Threat Intelligence Services, Q1 2021

• DHS Secretary Outlines Biden Administration’s Cybersecurity Vision

• DeepDotWeb Admin Pleads Guilty to Money Laundering Charges

• System Hardening with DISA STIGs and CIS Benchmarks

• Twitter Users Can Now Add GIFs and Stickers to Ephemeral ‘Fleets’

• Eve Aqua HomeKit-Connected Water Controller Gains Thread Support via Firmware Update

• Space Industry needs Cybersecurity

• So Many Awards, So Little Time Left to Nominate. Complete Your Global Achievement Award Nomination Today!

• Google Reopens ‘Limited’ Offices, As It Restricts Remote Working

• Flaws with Ovarro’s TBox Remote Terminal Units Opens Industrial Systems For Remote Attacks

• Tackling Online Tribalism | Avast

• This is where the iPhone hands down beats Android

• Improve Data Utilization to Modernize the SOC

• VMware vROps Flaws Can Provide ‘Unlimited Opportunities’ in Attacks on Companies

• Booking.com Fined $558,000 for Late Breach Notification

• WhiteSource on WhiteSource

• Akamai dealt with an 800Gbps ransom DDoS against a gambling company

• Ubiquiti accused of downplaying a “catastrophic” security breach

• IoT and IIoT security a major concern for security pros, research finds

• Ubiquiti: cyberattack worse than originally reported

• Gambling Company hit with DDoS attack

• 5 Great Tips To Learn How To Protect From Ransomware

• What are phishing kits? Web components of phishing attacks explained

• What is a CISO? Responsibilities and requirements for this vital leadership role

• Facebook Removes Donald Trump Interview Video

• Microsoft Wins US Army Contract For Augmented Reality Headsets

• Clean Sweep: A 30-Day Guide to a New Cybersecurity Plan

• DeepDotWeb dark web admin pleads guilty to gun, drug purchase kickbacks

• Hacked companies had backup plans, but didn’t print them out. Why cybersecurity still isn’t being taken seriously

• Exchange Server attacks: Run this Microsoft malware scanner now, CISA tells government agencies

• Report: USB threats to ICS systems have nearly doubled

• Cybersecurity M&A Roundup: 40 Deals Announced in March 2021

• S3 Ep26: Apple 0-day, crypto vulnerabilities and PHP backdoor [Podcast]

• Half of Global Retailers See Account Takeovers Surge

• North Korean Hackers Expand Targeting of Security Community

• How to Vaccinate Against the Poor Password Policy Pandemic

• 22-Year-Old Charged With Hacking Water System and Endangering Lives

• Ubiquiti security breach may be a catastrophe

• Apple Knowingly Sold 2016-17 MacBook Pro Models With ‘Flexgate’ Display Defect, Judge Says

• Why are you ignoring NIST, NSA and the NCSC?

• North Korean hackers targeting Google researchers

• VMware patches critical vRealize Operations flaws that could lead to RCE

• No April Fool’s Jokes Here, and Other News – Intego Mac Podcast Episode 181

• #LORCALive: Cybersecurity to Play a Key Role in Supporting Growing Space Sector

• Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence

• Celebrating Women’s History Month 2021 at Palo Alto Networks

• Opera Browser Gains Native M1 Mac Support

• What Is a HAR File and Why Is It Important in Cybersecurity

• Google: North Korean hackers are targeting researchers through fake offensive security firm

• Integrity – It’s a Matter of Trust

• Hackers Set Up a Fake Cybersecurity Firm to Target Security Experts

• US CISA warns of DoS flaws in Citrix Hypervisor

• Apple to Use Tesla’s ‘Megapack’ Battery to Help Power Apple Park at New Energy Farm

• Apple Chip Supplier TSMC to Expand Production Capacity With $100 Billion Investment Over Next Three Years

• Want to add antivirus to your existing portfolio?

• Threat Actors’ Most Targeted Industries in 2020: Finance, Manufacturing and Energy

• Hackers Set Up a Fake Cybersecurity Firm to Target Real Security Experts

• Thousands of Zero-Day Spear Phishing Attacks Continue to Target Covid-19 Pharmaceuticals

• Client-Side XSS Vulnerabilities Growing Fast

• Cyber attacks on Microsoft Exchange Email Servers could surge up cyber insurance claims

• Google offers Cybersecurity training for 2022 Midterm elections

• Are you prepared to prevent data loss?

• IRS Warned of an Ongoing IRS-Impersonation Scam

• iPhone Setup Process in Russia Now Includes List of Suggested Government Approved Apps

• The growing threat to CI/CD pipelines

• Want to get around a CAPTCHA? That’ll be 0.00094c, please

• Wi-Fi slinger Ubiquiti hints at source code leak after claim of ‘catastrophic’ cloud intrusion emerges

• Introducing the world’s first SIM made of 100% recycled plastic from old refrigerators

• Wi-Fi slinger Ubiquiti hints at source code leak after report of ‘catastrophic’ cloud intrusion emerges

• Why passwords are to blame for loss of revenue, identity attrition and poor customer experiences

• SolarWinds breach severity perception increasing over time

• Websites of EU Mobile Providers Fail to Properly Secure User Data: Report

• ISC Stormcast For Thursday, April 1st, 2021 https://isc.sans.edu/podcastdetail.html?id=7438, (Thu, Apr 1st)

• Cloud technology adoption gap between internal audit and other enterprise functions to narrow

• Worldwide 5G connections to reach 619 million by the end of 2021

• Study: Android sends more data to Google than iOS to Apple

• Seagate Lyve Data Transfer Services helps businesses quickly move mass data from edge to cloud

• VMware Cloud enables orgs to accelerate app modernization across the data center, edge and cloud

• GuardDog PCS protects against threats outside the perimeter of the network or on attached devices

• EFF to Court: Don’t Let Pseudo-IP Thwart Speech, Innovation, and Competition

• Learning from the Oldsmar Water Treatment Attack to Prevent Critical Infrastructure Breaches

• 5 Ways Blockchain Is Transforming Cybersecurity in 2021

• April 2021 Forensic Quiz, (Thu, Apr 1st)

• NETGEAR announces GS316EP and GS316EPP switches with larger PoE budgets

• Optiv Security Enterprise IoT Lab helps identify, assess, and mitigate IoT device security challenges

• Alcatel-Lucent Enterprise and RingCentral launch Rainbow Office, a UCaaS solution

• Cisco introduces infrastructure agnostic, passwordless authentication by Duo

• Most Common IaaS Security Issues and Ways To Mitigate Them

• Another Breach, Another Case for Security by Design

• Prioritizing Security in a Remote Learning Environment

• Cloudentity partners with Okta to deliver zero trust authorization for open banking services

• Arm unveils Armv9 to deliver enhanced security, DSP and ML capabilities

• WitFoo releases Precinct 6.1.5, adding advanced indexing and search algorithms

• Cisco simplifies networking and security operations with an expanded SASE offer

• Top 5 Attack Techniques May Be Easier to Detect Than You Think

• Cyber Security Roundup for April 2021

• Cohesity announces valuation of $3.7B following a growth in annual recurring revenues

• OneCloud launches Anaplan BizApp to support Transactional APIs and help manage enterprise data

• HYAS Protect integrates with Microsoft Defender to offer comprehensive endpoint protection

• Federal buildings, vehicles set to go green in Biden’s $2T infrastructure package

• Money laundering is a real issue in tech: Here’s what is being done to stop it

• tvOS 14.5 Beta 6 References Apple TV Remote With ‘Center Button’ [Updated]

• Periscope App Officially Shutting Down After Today

• First set of CMMC certification orgs emerge

• Why data is driving the future of 911

• AI analysis speeds FDA drug reviews

• North Korean .Gov Hackers Back With Fake Pen-Test Company

• Citrix Patches DoS Vulnerabilities in Hypervisor

• Google Updates on Campaign Targeting Security Researchers

• CISA Releases Supplemental Direction on Emergency Directive for Microsoft Exchange Server Vulnerabilities

• North Korea-linked hackers target security experts again

• tvOS 14.5 Beta 6 References Apple TV Remote With ‘Center Button’

• Secure, Managed File Transfer: What’s Old is New Again

• IT Security News Monthly Summary – April

• IT Security News Daily Summary 2021-03-31

• BrandPost: The Journey to SASE: Cisco Eases Security Complexity

• BrandPost: Don’t Make This Mistake on the Journey to Passwordless Security

• antimalware (anti-malware)

• challenge-response authentication

• Air Force seeks ‘ubiquitous connectivity’ from telework to bases

• Mayorkas announces cyber ‘sprints’ on ransomware, ICS, workforce

• NOAA signs data sharing agreement with offshore wind firm

• NASA data supports agricultural analytics

• Microsoft Wins $22 Billion Deal Making Headsets for US Army

• What’s So Great About XDR?

• Zettaset Unveils Encryption Management Console

• President Biden extended Executive Order 13694 regarding cyberattack sanctions

• Ethiopia’s Tigray Conflict: Alleged Atrocities, Law of War Violations and Regional Implications

• Lawfare Lecture: Paul Rosenzweig on Enterprise Cybersecurity Measurement

• Fraud Ring Launders Money Via Fake Charity Donations

• Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out

• IRS Warns of Higher Education Phishing Scam

• 83% of Businesses Hit With a Firmware Attack in Past Two Years

• I Now Own the Coinhive Domain. Here’s How I’m Fighting Cryptojacking and Doing Good Things with Content Security Policies.

• The Importance of Website Backups

• XKCD ‘Immune Response’

• Bsides Seattle 2020 – Olivia Stella’s ‘Airplane Mode: Cybersecurity At 30,000+ Feet’

• Apple’s First 13-Inch MacBook Pro With Retina Display Now Classified as ‘Obsolete’

• Schools Can’t Punish Students for Off-Campus Speech, Including Social Media Posts, EFF Tells Supreme Court

• A child sent out gibberish tweet from official US Nuclear-agency account

• McAfee Defenders Blog: Reality Check for your Defenses

• Is the Clubhouse App a Safe Place for Kids to Hangout?

• How the government could become the next Airbnb

• Child Tweets Gibberish from U.S. Nuke Account

• Fraud Ring Lauders Money Via Fake Charity Donations

• How to use Google’s Password Checkup tool

• CISA and RH-ISAC to Run Cybersecurity Drill

• College Students Targeted in Newest IRS Scam

• Bsides Seattle 2020 – Caleb McGary’s ‘Red Team Handcuffs’

• Misconfiguration Leaks 138GB of Information to the Public

• FBI Pegs 2020 Cybercrime Costs at $4 Billion – Actual Losses Likely Higher

• Fake COVID-19 Vaccine Card Scam

• VMware Patches Two Severe Vulnerabilities

• Scammers Target Universities in Ongoing IRS Phishing Attacks

• Charming Kitten Targets US and Israeli Healthcare Professionals

• BrandPost: Trusting Your Security Vendor in an Evolving Threat Landscape

• How to back up your Gmail: The ultimate guide for 2021

• Malicious attack now targeting video gamers and modders

• Dutch Data Protection Authority Fines Booking.com Over Incident Notification

• CISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities

• Apple Seeds Sixth Beta of macOS Big Sur 11.3 to Developers

• Apple Seeds Sixth Betas of iOS 14.5 and iPadOS 14.5 to Developers

• iOS 14.5 Adds New Siri Voices, No Longer Defaults to Female

• iOS 14.5 Will Recalibrate iPhone 11 Batteries to Fix Battery Health Bug

• Apple Releases Safari Technology Preview 123 With Bug Fixes and Performance Improvements

• VMware urges customers to patch critical vulnerabilities in vRealize Operations platform

• National health passes: Short-term fix or long-term legacy?

• BrandPost: The Value of Cybersecurity Certifications and Training for Career Growth

• Living Security Raises $14 Million for Its Human Risk Management Platform

• Reality Show Members Charged with Telemarketing Scam

• Advice From Security Experts: How to Approach Security in the New Normal

• Back in a Bit: Attacker Use of the Windows Background Intelligent
  Transfer Service

• A Successful Security Platform Requires the Strongest Partner Ecosystem

• Asset Management – Back To The Roots

• HYCU and Bain Capital Ventures partner in latest $87.5 funding round

• Wow…. Ziggy Ransomware gang to refund its victims

• Two Linux Vulnerabilities Could Allow Bypassing Spectre Attack Mitigations

• MobiKwik Suffered Data Breach – 3.5M Customers’ Data Uploaded to Dark Web

• Cryptic Tweet From US Strategic Command Was Down To Child

• Cisco is bringing individual and team insights to Webex video calls

• Analyzing the UK’s Nuclear Deterrence Theory for Cyberspace

• Here’s How to Safeguard Against Mobikwik Data Breach

• 5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

• Apple to Report Q2 2021 Earnings Results on April 28

• Apple Aiming to Announce Mixed-Reality Headset With In-Person Event in ‘Next Several Months’

• What Did Gen. Nakasone Say About Defense Department Operations (Not Just Cyber Operations)?

• The Internet of Very Cold Things

• Lawfare Live: Reforming Civil Settlements for Police Misconduct

• Universities Targeted in Ongoing IRS Phishing Attacks

• Zero Trust: 7 adoption strategies from security leaders

• Microsoft, Facebook To Reopen Some US Offices

• Linux Distribution Coverage Extended Across the VMware Carbon Black Cloud

• Microsoft Office 365 still the top target among phishing attacks

• Shadow IT is your organization’s next remote working nightmare

• Over 80% of IT leaders will adopt or expand cloud-based IAM and face challenges

• Iranian Hackers Target Medical Personnel in US, Israel

• Winner Crowned in “Hacker Games” Contest Promoting Secure Coding Skills

• 3 Ways Vendors Can Inspire Customer Trust Amid Breaches

• Citrix Releases Security Updates for Hypervisor

• VMware Releases Security Updates

• Google Releases Security Updates for Chrome

• Don’t Skim This: A Brief Introduction to Website Skimming

• Chinese experts earned $20,000 for reporting a Chrome Sandbox Escape

• Amazon Tweets Trolling Congress Were So Bad That IT Thought Account Was Hacked

• Ziggy Ransomware Gang Offers Refunds To Victims

• Iranian Credential Thieves Target Medical Researchers

• Hacker Exploits Bug In Doom To Run Snake

• Casting Some Light upon the Concept of Privilege Identity Management

• What Is Cyber Threat Hunting and Why You Need It?

• The Emails of the Department of Homeland Security exposed

• Ubiquiti Networks Security Breach was catastrophic, whistleblower says

• Fintech Platform MobiKwik Denies 8.2 TB Data Breach

• Google Adds £21m To EU Fake News Warchest

• Gaming mods, cheat engines are spreading Trojan malware and planting backdoors

• Best VPN 2021: Expert reviews of the best VPN services

• Tax refund phishing scam targets university students and staffers

• Don’t give hackers a home run by using these baseball team names in your passwords

• Critical Infrastructure Protection Firm OPSWAT Secures $125 Million Growth Funding

• How to build a honeypot to increase network security

• DoJ Clamps Down on COVID-19 Fraud, Charging Nearly 500 Individuals

• Weakness in EDR Tools Lets Attackers Push Malware Past Them

• Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What’s Next

• Credential Phishing: Themes and Tactics

• TalaTek Selected by CMMC-AB as One of the First CMMC Third-Party-Assessor-Approved Organizations

• University of Warwick Wins Veracode’s First-Ever Hacker Games

• Financial Cyberthreats in 2020

• Apple Invests $50 Million in Independent Music Artist Platform UnitedMasters

• Apple Says Over 110 Manufacturing Partners Committed to Using 100% Renewable Energy

• Arizona Bill That Would Let Developers Avoid Apple’s In-App Purchase Rules Scrapped After Intense Lobbying

• Chained Vulnerabilities in VMware vRealize Operations Could Lead to Unauthenticated Remote Code Execution

• UK Cyber Security Council Becomes Independent Entity

• What Is an Attack Surface in Cybersecurity?

• Useful Tips for Choosing the Right 3D Printer

• 6 Benefits Of GPS Tracking Cameras

• Top 4 Reasons Why Network Security Is Critical for Businesses

• 5G Network Slicing Vulnerabilities Risk DoS, Location Tracking, Data Theft, and Other Threats

• Facebook To Allow Users To Limit Comments On Posts

• Edge computing orchestration startup Zededa raises $12.5M

• Child tweets on behalf of nuke, space mission agency US Strategic Command

• APT Charming Kitten Pounces on Medical Researchers

• Chinese Researchers Earn Another $20,000 for Chrome Sandbox Escape

• Most Global Chip Companies Show Signs of Compromise

• Here’s How One Airline Upgraded Its Security in the Cloud

• Five worthy reads: The unexpected costs following a cyberattack

• Airline Body IATA to Launch COVID-19 Travel Passport App in April

• MobiKwik Data Breach – Thoughts From Experts

• The npm netmask vulnerability explained so you can actually understand it

• Old but Gold – Attack and Defend the Sys Admins

• 10 Most Innovative Information Security Companies at RSA Conference 2020 (USA)

• VMware patches critical vRealize Operations platform vulnerabilities

• New poll shows Facebook’s severe trust problem

• James Reynolds Joins SecureAge Technology to Lead Security Product Management

• UK Cyber Security Council Officially Launches as Independent Body

• Mobikwik Data Leak of 10cr Users: ‘The Largest KYC Data Leak in History’

• The Convergence of Cybersecurity & Student Safety in K-12 Schools

• State Officials Benefit from Cybersecurity Training Offered by the National Cybersecurity Center

• Google Maps Adds Eco Friendly Routes

• Women In Leadership Panel | Avast

• World Backup Day | Avast

• Check Point Software and HashiCorp partner to help organizations automate firewall operations while maintaining security posture and compliance.

• Opswat expands infrastructure protection with anti-malware tools, raises $125M

• VPNs: Mozilla just added these new feature to its virtual private network

• The Often-Overlooked Element of a Hack: Endpoints

• Hungarian authorities break up €8 million VAT fraud scheme

• The Benefits of Offloading SSL (certs) on F5 Devices, and How to Automate it

• Spotify Introduces New Personalized Mixes Featuring Favorite Artists, Genres, and Decades

• Facebook Adds New ‘Most Recent’ Timeline to Switch to Chronological Posts

• Expert On The Report On Lack Of Visibility Into Cyber Threats

• Serious Vulnerability In Netmask npm Package Risked 270K+ Projects

• Microsoft 365 Defender updates bring a single portal view

• SpaceX SN11 Rocket Explodes During Descent

• FCW Insider: March 31, 2021

• Pandemic threats: The common threads in COVID-19 scams and criminal schemes

• Microsoft: Firmware attacks are on the rise and you aren’t worrying about them enough

• Three-Quarters of Legal Breaches Caused by Insiders

• Email accounts of DHS members were compromised in the SolarWinds hack

• Quick Analysis of a Modular InfoStealer, (Wed, Mar 31st)

• Apple Partners With South Carolina to Build Eight Open Access Mac Computer Labs

• Google Meet Extends Free ‘Unlimited’ Calls Until June 30

• Role of Encryption in GDPR Compliance

• NHS Reduces Cyber-Skills Shortages but Breach Problems Remain

• Hackers are implanting multiple backdoors at industrial targets in Japan

• Research Claiming Android Collects 20x More User Data Than iOS ‘Off By An Order of Magnitude,’ Says Google

• Kuo: iPhone 13 Lineup to Feature Nearly Identical Wide Camera as iPhone 12

• Microsoft Shuts Down Cortana App for iOS and Android

• (ISC)² calls for collaboration amongst UK Cyber Security Council membership and training bodies

• 5 Effective Strategies to Ensure the Excellence of Cybersecurity

• Whistleblower claims Ubiquiti Networks data breach was ‘catastrophic’

• How Cybereason is reversing the adversary advantage

• Follow the money: members of drug trafficking network arrested for money laundering in Germany and Luxembourg

• How to Secure the Home Branch Office

• Breach Clarity Data Breach Report: Week of March 29

• IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

• A Few Hours After the Publication: Dozens of Scanning Attempts for Vulnerable PHP Servers

• (ISC)2 and the Creation of the U.K. Cyber Security Council

• Looking for adding new detection technologies in your security products?

• MIDC’s Server Hacked, Threat to Destroy Data

• Building Immunity at AppSec Insertion Points

• 3 steps to meeting data privacy regulation compliance through identity programs

• Tax scammers in China turn photos into vids to crack tax dept facial recognition system

• Beware of this Royal Mail Cyber Scam

• Kaspersky says most of the ransomware victims cannot get back their data

• Backdoor added to PHP source code in Git server breach

• Manufacturing Has the Lowest Percentage of High-Severity Flaws but Needs to Improve Time to Remediation

• Digital dependence and innovation: Two critical trends in cyber espionage and crime

• Nearly 40% of new ransomware families use both data encryption and data theft in attacks

• Tax scammers in China turn photos into vids to crack tax dept. facial recognition system

• Cybersecurity strategy…. To Plan or not to plan…That is the question

• Organizations suffer downtime despite following cybersecurity recommendations

• Lack of IT-OT collaboration holding back smart factory security projects

• Payment app MobiKwik denies customer data was stolen from it, has no idea how the info ended up on the dark web: Maybe it was your fault?

• ISC Stormcast For Wednesday, March 31st, 2021 https://isc.sans.edu/podcastdetail.html?id=7436, (Wed, Mar 31st)

• Board directors need to play an active role in protecting their org from cyber risks

• Hybrid IAM: Addressing the security and experience issues caused by hybrid IT

• Google Is Testing Its Controversial New Ad Targeting Tech in Millions of Browsers. Here’s What We Know.

• Cisco CEO Chuck Robbins: We’re doing everything we can to meet customer demand

• Payment app MobiKwik denies customer data was stolen from it, has no idea how the info ended up on the dark web

• Autohost launches Threat Intelligence Platform to mitigate fraud risk in the hospitality industry

• India payment app MobiKwik denies data leak, says customers may have posted own data to Dark Web

• Raytion launches Enterprise Search Connectors for ServiceNow AI Search

• Proxmox Mail Gateway 6.4: Protects orgs from spam, viruses, Trojans, and phishing emails

• Pindrop enables European enterprises to defend against telephony and cross channel fraud attacks

• Sysdig introduces unified cloud and container security with the launch of CSPM

• Cl0p ransomware gang leaks sensitive data from 6 US universites

• Argus collaborates with Microsoft to provide a cloud security solution to vehicle manufacturers

• CircleCI offers cloud-based CI/CD services for the Arm architecture

• Zimperium partners with Oracle to help enterprises combat advanced mobile threats

• ADVA unveils FSP 3000 DCI OLS designed for 400ZR technologies

• Crowdfunding Legal Fees Is Not a Crime

• Internet Safety Tips for Seniors and Scams to Watch Out for

• C-cure cybersecurity expert team joins Nixu

• Tricentis acquires Neotys to accelerate enterprises’ digital transformation with automated software testing

• Panasonic partners with McAfee to commercialize vehicle security monitoring services

• KPMG now offers RelativityOne in Singapore

• Peer-To-Peer Cybersecurity Insights For 2021

• The Best Network Protection: Go Deep or Go Broad?

• German Parliament Bundestag targeted again by Russia-linked hackers

• Hackers pushed malware to PHP repositories to open a “backdoor” to websites

• Who cares about backup?

• NASA seeks cloud-based platform for airspace management

• As vaccine passports emerge, administration takes advisory role

• BlackBerry fiscal Q4 revenue misses expectations, in talks to sell mobile patents

• Mysterious Hades ransomware striking ‘big game’ enterprises

• Security on a Shoestring? More Budget Means More Detection

• CMMC Accreditation Body appoints Matthew Travis as CEO

• Ketan Gangatirkar joins Coder as VP of engineering

• Saviynt names Anne Ceruti as Head of People and expands its Board of Advisors

• Living Security raises $14M to further develop its human risk management platform

• Come April, Nothing Is Certain Except Phishing and Taxes

• Risk Management, C-Suite Shifts & Next-Gen Text Scams: Your March 2021 Security Intelligence Roundup

• JADC2 needs to be Pentagon’s ‘big bet,’ Flournoy says

• Unions, agencies encouraging feds to get vaccinated

• What We Know (and Don’t Know) So Far About the ‘Supernova’ SolarWinds Attack

• Publicly Available Data Enables Enterprise Cyberattacks

• Snap Working on Advanced Smart Glasses With Augmented Reality Capabilities

• What Would Happen If States Started Looking at Cyber Operations as a “Threat” to Use Force?

• Local Franchising, Big Cities, and Fiber Broadband

• Browser tracking protections won’t stop tracking, warns DuckDuckGo

• IT Security News Daily Summary 2021-03-30

• Expected breach disclosure mandates will test government-industry cooperation

• NIST issues draft election security framework

• It is time for a National Strategic Computing Reserve?

• Malicious Docker Cryptomining Images Rack Up 20M Downloads

• Ziggy Ransomware Gang Offers Refunds to Victims

• Trust in software security has eroded since the SolarWinds attack

• SolarWinds attack makes us distrust the software we buy

• Tips for robotic developers

• Coding for robots: Need-to-know languages and skills

• What is cyber risk quantification, and why is it important?

• Experts Explain Why Medical Misinformation Continues To Spread On Facebook Despite Ban

• White Ops Renames Company ‘Human’

• Exploiting Embedded Linux Devices Through the JTAG Interface

• Uber iOS App Could Soon Include Augmented Reality Directions for Finding Your Driver

• Browser tracking protection doesn’t stop tracking, warns DuckDuckGo

• PHP backdoor attempt shows need for better code authenticity verification

• How phishing attacks evade traditional security defenses

• AI is Security’s Best Defense

• Feds debate while states act on data privacy laws

• VMware addresses SSRF flaw in vRealize Operations that allows stealing admin credentials

• Bitcoin Scam App Approved by Apple Robs iPhone User of $600,000+

• Mozilla VPN now nudges users to put shields up on dodgy networks, adds LAN access

• Hacker claims stealing 8.2TB of MobiKwik data; leaks some online

• The cloud attack you didn’t see coming

• Create an incident response plan with this free template

• Whistleblower: Ubiquiti Breach “Catastrophic”

• Bsides Seattle 2020 – Trupti Shiralkar’s ‘Zerotrusting Serverless Applications’

• Belkin Debuts New MagSafe-Compatible Accessories

• Apple Researching Mac Pro’s ‘Cheese Grater’ Design for Other Devices Like iPhone

• Apple Dominated Audio Device Shipments in 2020 With AirPods and Beats

• MalwareBytes Warns of “I Accidentally Reported You” Steam Scam

• Proof-of-Concept Decryptor Released for Black KingDom Ransomware

• Docker Hub Host Images Shipping with Cryptominers

• PHP Git Breached – 2 Commits Under Developers Name’s Infected

• Harris Federation Education Charity Suffered Ransomware Attack

• BrandPost: Protecting Children from Online Cybersecurity Risks

• Armv9 is Arm’s first major architectural update in a decade

• Quick Hits

• Cyan Forensics Raises $6.9 Million to Combat Pedophiles and Terrorists

• Data loss prevention quiz: Test your training on DLP features

• Best practices for reporting ransomware attacks

• Dog Helps Kids Stay Safe Online

• What You Need to Know — or Remember — About Web Shells

• Tick … Tick … Boom

• SolarWinds Hack: U.S. Govt Failure is Deeply Worrying

• Apple Maps Displays COVID-19 Guidelines for Airports Worldwide

• Adobe Launches iPad Creative App Bundle for $14.99 per Month

• Verizon Shutting Down 3G Network on December 31, 2022

• What’s Covered Under Cyber Risk Insurance

• What educational institutions need to do to protect themselves from cyber threats

• 7 top IoT security challenges and how to overcome them

• What is crypto? The business starter guide to cryptocurrency

• Ransomware: Why we’re now facing a perfect storm

• SolarWinds Attackers Accessed DHS Emails, Report

• PHP web language narrowly avoids “backdoor” supply chain attack

• Younger Ransomware Victims More Likely to Pay Up

• #LORCALive: Nation State Cooperation Essential to Fighting Scourge of Cybercrime

• 278,000 GitHub Repositories Affected by a Critical Networking Flaw in Netmask

• Ghost Users Haunt Healthcare Firms

• Watch Out for These Cyber-Risks

• Monitoring ICS Cyber Operation Tools and Software Exploit Modules To
  Anticipate Future Threats

• What does it take to do SASE your way?

• Apple Supplier Foxconn Expects Shipments to Be Impacted by Global Chip Shortage

• PYSA, the ransomware attacking schools

• Over 100 million MobiKwik user data leaked in Cyber Attack

• Cisco integrates networking, security, IT management for the enterprise

• 10 tips to protect your organization and remote endpoints against cyberthreats

• Microsoft: Firmware Attacks Outpacing Security Investments

• Child Unknowingly Tweets From US Nuclear Command’s Account

• Cybercriminals Publish Data Allegedly Stolen From Shell, Multiple Universities

• PHP web language narrowly avoids dangerous supply chain attack

• Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain

• Cisco’s Vision for SASE and a Brand New Offer to Kickstart Your Journey

• How to Prevent a Rootkit Attack?

• Reflected XSS Vulnerability In “Ivory Search” WP Plugin Impact Over 60K sites

• System Update: New Android Malware

• Security Intelligence Handbook Chapter 11: Geopolitical Intelligence Identifies IT Risks Across the Globe

• First stable release of CentOS replacement AlmaLinux OS now available

• Billions of Records Worldwide Were Already Hacked

• Malware Attack Hits Multinational Conglomerate Honeywell

• Duo’s Passwordless Authentication is Coming!

• New Security Signals study shows firmware attacks on the rise; here’s how Microsoft is working to help eliminate this entire class of threats

• Malicious commits found in PHP code repository: What you need to know

• How Pandemic-Driven Tech Trends are Changing the Labor Market for Good

• Multi-factor authentication: Top 5 things to know

• Top 5 things to know about multi-factor authentication

• Biden Extends Executive Order on Cyberattack Sanctions

• In the Rush to Embrace Hybrid Cloud, Don’t Forget About Security

• Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations

• Intel Accused Of Wiretapping Because It Uses Analytics To Track Keystrokes, Mouse Movements On Its Website

• Hackers Backdoor PHP After Breaching Internal Git Server

• Application Security Tactics Are Due For An Overhaul

• PayPal Launches Crypto Checkout Service

• Students Can Win WWDC 2021 Swag in Apple’s Annual Swift Coding Challenge

• Disney World Launches MagicBand for iPhone and Apple Watch With Animations and Express Mode Support

• Experts Reaction On Harris Federation Ransomware Attack

• Backdoor Pushed in PHP Git Repository Following Server Hack

• Over 55 Million Scam Calls Since December Were Blocked by Australian Telcos

• How to Remove Wi-Fi Networks from Your Mac and iOS Device

• PHP programming language source code targeted in backdoor attack

• Akamai Sees Largest DDoS Extortion Attack Known to Date

• Apple Announces Digital WWDC 2021 Event Taking Place June 7-11

• Apple Revamps Developer App Alongside WWDC 2021 Announcement

• FBI: Cybercrime Shot Up in 2020 Amidst Pandemic

• A Guide to Payment Gateway Testing

• TruU Named Newest Competitor in the 2021 ‘ASTORS’ Awards Program

• The fastest VPN in 2021

• Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website

• Linux Kernel Vulnerabilities Can Be Exploited to Bypass Spectre Mitigations

• What’s Behind the Surge in Cybersecurity Unicorns?

• What You Need to Know to Avoid Instagram Scams

• Radware Threat Researchers Live: Episode 9

• PayPal announces Checkout with Crypto

• What Is Broken Object Level Authorization (BOLA)?

• Harris Federation Hit with Ransomware Cyberattack

• And that’s yet another UK education body under attack from ransomware: Servers, email, phones yanked offline

• Backdoor In PHP Source Code Discovered

• Cloud backup and recovery company HYCU raises $87.5M

• A highly sophisticated ransomware attack leaves 36,000 students without email

• Department of Homeland Security email accounts exposed in SolarWinds hack

• Double-Extortion Ransomware Attacks Surged in 2020

• YouTube Has a Disturbingly Creepy Minecraft Problem

• How AI Augments Downsized Security Teams

• Hundreds of thousands of projects affected by a flaw in netmask npm package

• Epic Games Files Complaint to Support UK Antitrust Watchdog’s Apple Probe

• Google Maps Announces Indoor AR Navigation and Eco-Friendly Route Options

• DDoS attacks in 2021: What to expect?

• Money can buy you insurance against network break-ins but investing in infosec hygiene wouldn’t go amiss, says new NCSC chief

• MPs Face Legal Challenge Over Disappearing Messages

• Ransomware Cuts Off 37,000 Students’ Emails

• US Congress Probes ‘Risky’ SpaceX Launch

• SolarWinds Attackers ‘Accessed Emails’ Of Top US Officials

• You could be hacked and not know it

• Unfair exchange: ransomware attacks surge globally amid Microsoft Exchange Server vulnerabilities

• Ransomware group targets Universities of Maryland, California in new data leaks

• Panasonic, McAfee team up to tackle vehicle cybersecurity

• 9 tips to protect your organization against ransomware

• Report finds requiring customers to use passwords is bad for business

• Concern as Ransomware and Exchange Server Attacks Surge

• Goodbye Event Management, Hello Extended Detection and Response

• Apple Lobbies Against ‘Right to Repair’ Bill Over Privacy Concerns of Third Party Repair Shops Accessing User Data

• Expert On Refunding Victims Ransomware Payments

• Suspected Russian hackers breach US homeland security

• $30,000 to researchers who find bugs in Teams

• FCW Insider: March 30, 2021

• Fileless Malware Detections Soar 900% in 2020

• Infosec Community Increasingly Concerned about SolarWinds Breach, Four Months In

• PHP Git Server Hacked to Plant Malware in Code Base

• Live Broadcast Got Disrupted Due to Cyber-Attack on The Australian Tv Network- Nine

• APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign

• Old TLS versions – gone, but not forgotten… well, not really “gone” either, (Tue, Mar 30th)

• Fileless Malware Attacks Surge by 900% and Cryptominers Make a Comeback

• Booming dark web gig economy is a rising threat

• 10 pioneering women in information security

• Facebook Plans Two Cables Linking US To Asia

• Deliveroo Lowers Price Range For Landmark IPO

• 204 Fleeceware Apps Generated over $400 million in Revenue on the Apple App Store and Google Play Store

• SolarWinds Attackers Accessed DHS Secretary’s Emails — Report

• UK Court Backs Swatch in ‘One More Thing’ Trademark Row With Apple

• UK’s Home Office dangles £32m for application support on comms-snooping network

• Chinese Video App Slumps On Hong Kong Debut

• APAC firms face growing cyberattacks, take more than a week to remediate

• Facial recognition camera projects raise concerns in Eastern Europe

• Survey: 99% of Security Pros Struggling to Secure Their IoT & IIoT Devices

• Cyber attack forces live TV shows off-air on Australia’s Channel 9

• 30 Docker images downloaded 20M times in cryptojacking attacks

• Apple Reportedly Working on Redesigned Apple TV Remote

• Apple Orders 4nm Chip Production for Next-Generation Macs

• Apple Pay Support Begins Rolling Out for Select Banks in South Africa

• Your web application firewall should be more than a firewall – it should be a noise filter too

• Application security testing is not just buzzwords

• MobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed

• How to Get the Best Results From ZTNA

• Microsoft Exchange Server vulnerability patching doesn’t end the menace

• Over $20m loss to CompuCom from Ransomware Attack

• Are Cloud-Native IAM Controls Good Enough for Your Enterprise?

• Apple rushes to patch zero‑day flaw in iOS, iPadOS

• How Sky Global was Indicted for Selling Security

• Cloud security experts wanted: You can be one of them

• How to avoid 4 common zero trust traps (including one that could cost you your job)

• How well have remote workers adapted one year on?

• 93% of consumers concerned about data security when filling out online forms

• Achieving Automated TISAX Compliance

• ISC Stormcast For Tuesday, March 30th, 2021 https://isc.sans.edu/podcastdetail.html?id=7434, (Tue, Mar 30th)

• Leaders need to find ways to increase internal audit capacity without increasing budgets

• How much of the data created and replicated should be stored?

• GRIMM launches Private Vulnerability Disclosure program to allow defenders to get ahead of the unknown

• Australian telcos have blocked over 55 million scam calls since December

• Fortalezca su perímetro de seguridad con el análisis de inventario

• 5 Teen Internet Safety Tips

• Celebrating Women’s History Month 2021 at Palo Alto Networks

• HID HydrantID ACM solves difficult digital certificate lifecycle management problems

• WALLIX provides enhanced data monitoring and secure remote access for healthcare orgs

• Everbridge expands its CEM SaaS platform to help orgs govern operational risk from unplanned events

• IntelliSite releases managed service to make communities safer, smarter and more connected

• After oil giant Shell hit by Clop ransomware, workers’ visas dumped online as part of extortion attempt

• Intel accused of wiretapping because it uses analytics to track keystrokes, mouse movements on its website

• Myth-busting Antivirus Software Assumptions

• Check up on Your Virtual Safety: Tips for Telehealth Protection

• Protect Your Digital Wellness: Don’t Post Your Vaccination Card Online

• CounterFlow AI appoints Bill Cantrell as CEO

• Morphisec raises $31M to enable business to automatically prevent dangerous cyberattacks

• Accenture acquires Cygni to accelerate cloud first strategies with software engineering services

• After Oil giant Shell hit by Clop ransomware, workers’ visas posted online as part of extortion attempt

• Researcher Patented C2FIV Technology As 2FA For Face Recognition Via Facial Movements

• FatFace Disclosed Data Breach; Turns Out It Suffered Ransomware Attack

• CMMC body hires ex-CISA deputy as first CEO

• Manufacturing Firms Learn Cybersecurity the Hard Way

• American Distrust in Press: Deadly 1830s Cancel Culture

• FTC Abandons Antitrust Lawsuit Against Qualcomm

• Rishabh Mishra joins Infostretch as Head of Corporate Development

• Adversarial training reduces safety of neural networks in robots: Research

• Pair of Apex Legends Players Banned for DDoS Server Attacks

• A Defense-in-Depth Approach Could Stop the Next Big Hack in its Tracks

• Fake MagSafe Accessories Might Be a Bargain, But Watch Out for Shortcomings

• IT Security News Daily Summary 2021-03-29

• Cloudflare’s New API Abuse Detection Services Validate Usage Via Intent

• Canalys: More data breaches in 2020 than previous 15 years despite 10% growth in cybersecurity spending

• NIST framework focuses on election cybersecurity

• Beware of scams this tax season

• Remote work and increased cybersecurity threats presented both challenges and opportunities for MSPs

• SolarWinds Hackers Accessed DHS Chief’s Email

• Attackers Target PHP Git Server to Backdoor Source Code

• Anton’s Security Blog Quarterly Q1 2021

• Apple Expanding Independent Repair Provider Program Worldwide

• Stupid Patent of the Month: Telehealth Robots Say Goodbye

• The one reason your iPhone needs a VPN

• Malicious System Update App Targets Android Users With Malware

• BrandPost: Episode 4: Reduce SOC burnout

• Cultivating small talk when there’s no office

• Best VPN service in 2021: Safe and fast don’t come for free

• Weak passwords are dangerous to your organization

• Facebook Blocks Politician, Gets Accused Of “Digital Totalitarianism”

• Top 20 Most Common Hacker Behaviors

• London-based academies Harris Federation hit by ransomware attack

• Apple Offers Employees Paid Time Off to Get Vaccinated

• Hades Ransomware Gang Exhibits Connections to Hafnium

• CompuCom Cyber-Attack Costs Could Reach $28M

• Vulnerability in ‘netmask’ npm Package Affects 280,000 Projects

• More Solutions Doesn’t Mean More Protection

• US Imprisons BEC Scammer

• Bsides Seattle 2020 – Juliet Okafor, J.D. ‘Keynote’

• XKCD ‘Mask Opinions’

• Bsides Seattle 2020 – Leron Gray’s ‘Y’all Tryna Enumerate Azure AD And RBAC Or Nah?’

• Apple Says App Store, iMessage, iCloud Drive, and Other iCloud Services Are Experiencing Issues [Update: Fixed]

• One Year of COVID-19 in the Middle East and North Africa: The Fate of the ‘Best Performers’

• Sitting comfortably? Then it’s probably time to patch, as critical flaw uncovered in npm’s netmask package

• Introducing ShiftLeft Educate – Security Training for Developers [Webinar]

• 5G slicing vulnerability could be used in DoS attacks

• IRS plots $2.6B IT services consolidation

• The superpowered SOC: How AI can drive agencies to the next level of cyber defense

• DOD ramps up mobile security

• Corporate doxing is on the rise: Here’s how hackers are doing it and how to stop them

• Bumble Launches Online Safety Guide

• SASE, ZTNA and XDR market trends must work together for simplified security

• China-linked RedEcho APT took down part of its C2 domains

• Deals: New Accessory Sales Include 12.9-Inch Magic Keyboard at $249 ($100 Off) and Numerous Discounts on Beats Headphones

• Apple Says App Store, iMessage, iCloud Drive, and Other iCloud Services Are Experiencing Issues

• Adaptive cybersecurity: 3 strategies that are needed in an evolving security landscape

• Almost 40 German Parliament Email Accounts Accessed After Spear-Phishing Attack

• Australian TV Network Services Interrupted

• Apple Releases Emergency Update

• Ransomware Admin is Refunding Victims Their Ransom Payments

• Top Security Tips That Every Business Owner Must Know

• Insurance Giant CNA Went Offline Following A Ransomware Attack

• SAAS & Security – Best Practices For Businesses

• March 2021 Web Server Survey

• 5 Ways MVISION XDR Innovates with MITRE ATT&CK

• SolarWinds hackers accessed emails from U.S. Department of Homeland Security

• Billions of records have been hacked already. Make cybersecurity a priority or risk disaster, warns analyst

• Ransomware negotiations: An inside look at the process

• #LORCALive: More Work Required to Realize the Potential of AI in Cybersecurity

• Ransomware and Extortion Evolve More Brazen Tactics

• Shark Tank’s Robert Herjavec on the state of cybersecurity

• Ransomware Cyber Attack news headlines trending on Google

• BrandPost: 5 Fundamentals for Effective Security Design

• PHP Infiltrated with Backdoor Malware

• Beware of Ongoing Brute-Force Attacks Against NAS Devices, QNAP Warns

• Vulnerability Summary for the Week of March 22, 2021

• Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks

• Manage Google Workspace & Microsoft 365 Identities in Minutes from a Single Cloud Directory

• The Importance of Cybersecurity to SEO

• Apple and Google Leading the Way on eSIM Adoption

• Apple Announces David Attenborough Documentary ‘The Year Earth Changed’

• Ransomware causes shutdown of TV Network

• Sierra Wireless Restarts Production After Being Hit by a Ransomware Attack

• How to build a successful application security program

• Steam users: Don’t fall for the “I accidentally reported you” scam

• Apple Fixed Serious Actively Exploited Zero-Day Bug With iOS 14.4.2

• The Path to Combatting Domain Abuse

• Official PHP Git server targeted in attempt to bury malware in code base

• Billions of records have been hacked already. Make cybersecurity a priority of risk disaster, warns analyst

• Linux 101: How to give users sudo privileges on Ubuntu and Red Hat-based Linux distributions

• ‘Hades’ Ransomware Hits Big Firms, but Operators Slow to Respond to Victims

• More Ransomware Gangs Targeting Vulnerable Exchange Servers

• Beware of scam using the name of Europol’s Executive Director

• 9 million fake sedative pills removed from circulation by Hungarian and Norwegian Police

• Netmask Flaw Leaves Millions Vulnerable While a PHP Git Server is Hacked in Software Supply Chain Attack

• Preparing for the Next “Big Attack”

• Why Healthcare Security Requires an Operation-Centric Approach

• Hackers breached the PHP ‘s Git Server and inserted a backdoor in the source code

• US Charges Close To 500 Individuals For COVID-19 Fraud, Criminal Activity

• Channel Nine Cyber-Attack Disrupts Live Broadcasts In Australia

• Suspected Russian Hackers Gained Access To US Homeland Security Emails

Generated on 2021-04-04 23:58:24.807459