IT Security News Weekly Summary – Week 23

• IT Security News Daily Summary 2022-06-12

• The attacker’s toolkit: Ransomware-as-a-service

• The United Nations’ List of “Not Listed” Terrorist Entities

• Security Bug Detected in Apple M1 Processor Chipsets

• Companies Continue to Pay Multiple Ransom Demands

• Convergint Expands STEP Up Program, Prioritizes School Safety as Part of Annual, Global Convergint Social Responsibility Day

• Delivering Apps Securely Across Any Network and Cloud

• Fraudsters Resorting to ‘Synthetic Identity Fraud to Commit Financial Crimes

• How SeaFlower 藏海花 installs backdoors in iOS/Android web3 wallets to steal your seed phrase

• A Complete Malware Analysis Tutorials, Cheatsheet & Tools list for Security Professionals

• Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

• Conti’s Attack Against Costa Rica Sparks a New Ransomware Era

• HID Mercury Access Controller flaws could allow to unlock Doors

• Weekly Update 299

• Week in review: Follina exploit delivers Qbot malware, Patch Tuesday forecast, RSAC 2022

• Penetration testing

• Your browser stores passwords and sensitive data in clear text in memory

• ERI Becomes First Recycler of Electronics to Achieve SOC 2 Type I Compliance and NAID AAA Certification

• ZITADEL raises $2.5 million to enhance its open-source identity management platform

• Pavilion Data Systems partners with EngineRoom to create new data storage capabilities

• 1Password appoints Erin Zipes as Chief Legal Officer

• Steve Prodger joins Arcules as CRO

• IT Security News Daily Summary 2022-06-11

• New Emotet Variant Capturing Users’ Credit Card Data from Google Chrome

• Carrier’s Industrial Access Control System has Critical Flaws

• Entrepreneur Struggles To Regain Access To Hacked Facebook Accounts

• Bluetooth Signals Can Be Abused To Detect and Track Smartphones

• Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal

• New Confluence Remote Code Execution Flaw is Exploited by Cryptocurrency Miners

• Critical Flaws Identified in InfiRay Thermal Camera

• Cybersecurity Courses Ramp Up Amid Shortage of Professionals

• 5 Reasons Why Insider Threat Should Be a Security Priority

• PACMAN, a new attack technique against Apple M1 CPUs

• Hardware Bugs Provide Bluetooth Chipsets Unique Traceable Fingerprints

• How China Hacked US Phone Networks

• OMIGOD: Cloud providers still using secret middleware

• Kali Linux Team to Offer Free Access to Penetration Testing Course

• MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched

• Build or Buy your own antivirus product

• RSA – APIs, your organization’s dedicated backdoors

• 3 takeaways from RSA Conference 2022 – Week in security with Tony Anscombe

• Adconion Execs Plead Guilty in Federal Anti-Spam Case

• Merkle and Tealium join forces to enable cookieless identity for marketers

• Snow Software collaborates with Anodot to address evolving issues associated with cloud cost management

• How To Secure WordPress Website From Cyber Attacks?

• Automation Anywhere appoints Rob Ferguson as CRO

• 2022-06-07 – obama186 distribution Qakbot with DarkVNC and spambot activity

• 2022-06-09 – TA578 Contact Forms campaign Bumblebee infection with Cobalt Strike

• Ransomware hits NJ school district

• IT Security News Daily Summary 2022-06-10

• Report: Over 1B Google Play downloads for financial apps targeted by malware

• In search of a more energy-efficient blockchain

• How CISOs can Find and Retain Security Staff During the Great Resignation

• World Economic Forum wants a global map of online crime

• Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign

• Remote work demands industrial businesses secure critical infrastructure

• Billion-Dollar Valuations Can’t Halt Layoffs at OneTrust, Cybereason

• CrowdStrike Introduces Humio for Falcon, Redefining Threat Hunting with Unparalleled Scale and Speed

• New Evidence on the Role of Subnational Diplomacy in China’s Pursuit of U.S. Technology

• Better public-private partnerships could prevent major ransomware attacks, crypto insiders say

• CrowdStrike Adds Strategic Partners to CrowdXDR Alliance and Expands Falcon XDR Capabilities

• CrowdStrike Introduces CrowdStrike Asset Graph to Help Organizations Proactively Identify and Eliminate Blind Spots

• Threat and risk specialists signal post-COVID conference season is back on

• CISOs think they aren’t getting enough cyber investment, survey says

• For mental crises, send a pro not the police?

• 3 types of PKI certificates and their use cases

• #RSAC: CISA Outlines Bad Practices Every Organization Should Avoid

• The January 6 Hearing Was a Warning

• The Tricky Business of Elon Musk Getting Twitter Fire-Hose Access

• Survey: Majority of CISOs aren’t getting the cyber investments they want

• Digital Corps launches with 41 fellows across 13 agencies

• Water sector leaders seek increased EPA cybersecurity collaboration and guidance

• How to Blunt the Virulence of the New Ransomware

• EU Debates AI Act to Protect Human Rights, Define High-Risk Uses

• Dark Web Selling Alleged Western Weapons Sent to Ukraine

• Instagram credentials Stealer: Disguised as Mod App

• Instagram credentials Stealers: Free Followers or Free Likes

• Southeast Asia and Australia Orgs Targeted by Aoqin Dragon Hackers for Ten Years

• How to Secure a High-Profile Event Like the Super Bowl

• The Eleventh Circuit’s Acceptance of a Consumer Protection Approach to Social Media Regulation

• #RSAC: The Privacy and Blockchain Paradox

• New Linux Malware ‘Nearly Impossible to Detect’

• Application Security Testing Is on the Mend With Automated Remediation

• How DNS filtering can help protect your business from Cybersecurity threats

• Digital Corps launches with 40 fellows across 13 agencies

• Vulnerabilities Targeting InfiRay Thermal Cameras May Result in Industrial Process Hacking

• Most Security Product Buyers Aren’t Getting Promised Results: RSA Panel

• Mitigating the Security Skills Shortage

• Symbiote: A Stealth Malware that Attacks Banking Institutions

• Malvertising Campaign Target Firefox Users via Fake Updates

• Millions of Facebook Users’ Credentials Were Stolen via Authentic App Services

• Twitter to take down fake accounts to please Elon Musk and his $44 billion offer

• A Few Simple Ways to Transform Your Cybersecurity Hiring

• Google Releases Security Updates for Chrome

• WhatsApp spam offers up “B&Q Father’s Day Contest 2022”

• How AI is driving IAM’s shift to digital identity

• Google Releases Security Updates for Chrome

• Kubernetes Operators: good security practices

• Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones

• Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

• Symbiote Linux malware spotted, and infections are ‘very hard to detect’

• EU Parliament Approves Ban On Combustion Cars By 2035

• Karakurt data extortion group: CISA issues alert

• Ease your kids into a hybrid play model with these tips

• Phishing, fake landing pages and emails from your boss: How crooks are targeting your crypto

• Bitwarden vs LastPass: Compare top password managers

• 38 Tech Leaders Sign Cyber Resilience Pledge

• How 4 Young Musicians Hacked Sheet Music to Help Fight the Cold War

• Artificial Intelligence and Security: What You Should Know

• U.S. Water Utilities Prime Cyberattack Target, Experts

• Vulnerabilities in HID Mercury Access Controllers Allow Hackers to Unlock Doors

• In a Quickly Evolving Landscape, CISOs Shift Their 2022 Priorities

• What A 650% Rise In Open-Source Software Targeted Hacks Is Teaching Us

• Owl Labs Patches Awful Exposure in Video Conferencing Applications

• Kinsta vs WP Engine: Managed WordPress hosting comparison

• What & Who You Know: How to get a job in cybersecurity with no experience

• What Is Cloud Email?

• MIT researchers discover Apple M1 chip vulnerability

• Google: We’re making the Chrome browser ‘more helpful’ by using machine learning

• How do I keep two PCs in sync when they’re in different locations? [Ask ZDNet]

• This hacking group quietly spied on their targets for 10 years

• Chinese Cyberspy Group ‘Aoqin Dragon’ Targeting Southeast Asia, Australia Since 2013

• Ericsson Confirms SEC Investigation Over Iraq Conduct

• Potent Emotet Variant Spreads Via Stolen Email Credentials

• Chrome 102 Update Patches High-Severity Vulnerabilities

• #RSAC: “Users Are Not Stupid, So Don’t Treat Them Like They Are”

• Design Weakness Discovered in Apple M1 Kernel Protections

• New Linux Malware Dubbed “Almost Impossible” To Detect Found

• Researchers unearth highly evasive “parasitic” Linux malware

• Apple M1 chip contains hardware vulnerability that bypasses memory defense

• InfiRay Thermal Camera Flaws Can Allow Hackers to Tamper With Industrial Processes

• Dark Web Vendors Allegedly Selling Western Weapons in Ukraine

• US Agency Deepens Tesla Autopilot Investigation

• Highly-Evasive Linux Malware ‘Symbiote’ Infects All Running Processes

• Researchers Block Two Million Extortion Emails Daily

• Russia: Cyber-Attacks Could Escalate Military Conflict

• New Emotet Malware Targets Chrome Users Card Information

• Phishing Hits All-Time High in Q1 2022

• Gamers Targeted On Roblox By Ransomware Selling Decryptors On Game Pass Store

• RedSeal Stratus allows organizations to monitor and secure their multi cloud environments

• Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users

• Italian City Palermo Impacted by Cyberattack, Vice Society Ransomware Claims Responsibility

• Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

• The Must-Attend Cybersecurity Event: International Cyber Expo

• Prioritizing segmentation leads to better business and security outcomes

• International Cyber Expo Invites Esteemed Advisory Council to Shape Event Agenda

• Morphisec Knight for Linux proactively prevents advanced evasive attacks

• Emotet malware gang re-emerges with Chrome-based credit card heistware

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier

• Lacework expands security capabilities to improve visibility across dynamic cloud workloads

• Noname API Security Platform 3.0 empowers users to identify problems in different regions

• A new Linux Malware named Symbiote is hard to detect

• Russia warned the West against cyber attacks and threatened direct military warfare

• June 2022 Patch Tuesday forecast: Internet Explorer fades into the sunset

• Photos: RSA Conference 2022, part 3

• New infosec products of the week: June 10, 2022

• Chinese ‘Aoqin Dragon’ gang runs undetected ten-year espionage spree

• TranSigma Delivers More Than $7M in Annualized Free-cash-flow Savings for Our Client in First of Many Celonis-supported Use Cases

• How to stay ahead of the Cybersecurity labor crisis and keep growing your business

• Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices

• What cybersecurity investors should be aware of in 2022

• Hardware flaws give Bluetooth chipsets unique fingerprints that can be tracked

• Only 43% of security pros can respond to critical alerts in less than an hour

• New Emotet Variant Capturing Users’ Credit Card Data from Google Chrome

• RSA – Creepy real‑world edition

• Navigating Cybersecurity with NERC CIP as the North Star

• Using the random motion of electrons to improve cybersecurity

• Russia, China, warn US its cyber support of Ukraine has consequences

• ADVA Ensemble SaaS MANO accelerates rollout of virtualized services

• Livestream: Jan. 6 Select Committee Hearing Day One

• Test Post

• Test Test 2

• Hyperconverged Infrastructure (HCI) is Changing Data Centers

• White House developing national strategy to increase data collection as privacy tech improves

• Q1 2022 Global DDoS Threat Landscape Report Findings Summary

• Ping Identity, Yubico, and EntryPoint bring zero trust to FIDO2 authenticators for the US Federal Government

• Amazon EKS vs Azure Kubernetes Service

• NASA wants to expand data sharing with Space Force and commercial partners

• #RSAC: Plain Language Threat Modeling for DevSecOps

• Entrust acquires Evidos to enhance its electronic signature and digital signing capabilities

• DigiCert acquires DNS Made Easy to improve web operations and security for organizations

• Report reveals 15-inch MacBook Air release window, M2 Max core count

• NASA to figure out how to get data on unexplained objects in the sky

• Quantum computer succeeds where a classical algorithm fails

• Apple Now Makes the Best Running Watch

• Welcome to the Great Reinfection

• What keeps Mandiant Intelligence EVP Sandra Joyce up at night? The coming storm

• #RSAC: Putting Humans at the Center of Incident Response

• Darktrace Federal appoints Marcus Fowler as CEO

• Harald Schneider joins Equifax as Chief Data & Analytics Officer

• Cloudflare names Mark Hawkins to Board of Directors

• 443ID emerges from stealth and raises $8 million to launch its first products

• Middesk raises $57 million to accelerate trust between businesses

• Russian Radio Station Hacked to Broadcast Ukrainian National Anthem

• Report: Majority of critical router vulnerabilities remain unpatched

• HYCU lands $53 million to enhance its multi-cloud data protection service

• Intel hires April Miller Boise as EVP and Chief Legal Officer

• ComplyAdvantage names Mark Watson as CTO

• TMF looks to measure more than just cost savings

• Noname: Proactiveness Is the Name of the Game in App Security

• Sysdig Takes a Deeper Cut at Cloud Security

• Cloud services proving handy for cybercriminals, SANS Institute warns

• IT Security News Daily Summary 2022-06-09

• UAS network expands operational drone testing

• Replacing lead pipes first depends on being able to find them

• Rob Joyce: China represents biggest long-term cyberthreat

• #RSAC: NSA Outlines Threats from Russia, China and Ransomware

• Lacework Blends Artificial Intelligence and Automation to Bolster Cloud Security

• #RSAC: How to Manage the Supply Chain in the Modern Age

• Prevent Breaches and Malware With Proactive Defenses

• Report: 75% of CISOs worry about vulnerabilities during app production

• DigiCert Acquires DNS Made Easy

• Hackers Can Steal Your Tesla by Creating Their Own Personal Keys

• West Risks Direct Military Clash Over Cyberattacks, Says Russia

• New MSDT 0-day Flaw ‘DogWalk’ Receives Free Unofficial Patches

• Mandiant: Cyberextortion schemes increasing pressure to pay

• CrowdStrike demonstrates dangers of container escape attacks

• #RSAC: Lessons Learned From the Solarwinds Sunburst Attack

• Identity-First Security Helps Reduce and Neutralize Enterprise Threats

• Friday Squid Blogging: Squid Changes Color from Black to Transparent

• The Bipartisan, Bicameral Privacy Proposal Is a Big Deal

• Symbiote, a nearly-impossible-to-detect Linux malware

• #RSAC: Funding Cyber Civil Defense to Help Improve the State of Security

• Twitter Set to Agree to Elon Musk Request For Data on Fake Accounts

• Emotet Banking Trojan Resurfaces, Skating Past Email Security

• Can Hackers steal data from an iPhone

• Feds Forced Travel Firms to Share Surveillance Data on Hacker

• New Linux Malware Symbiote is “Nearly Impossible to Detect”

• Facebook Whistleblower Accuses Company Of Failing To Remove Fake Account Network Run By Politician

• Cisco Makes Resilience a Cornerstone of Security Strategy

• Facebook phishing campaign nets millions in IDs and cash

• A cybercriminal stole 1 million Facebook account credentials over 4 months

• Sophos: Keeping Tabs on the Bad Guys Using Threat Research

• Cloud data breaches: 4 biggest threats to cloud storage security

• Tesla Proceeds With China Hiring Event, Despite Musk Job Warning

• iOS 16 cheat sheet: Complete guide for 2022

• Want Better Security? Up Your Collaboration Game

• How AI Is Useful — and Not Useful — for Cybersecurity

• New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing

• Achieve seamless observability with Dynatrace for Azure

• 0patch Launched Unofficial Patches For ‘DogWalk’ Windows Zero-Day Bug

• Cubic Awarded DoDIN APL Certification for M3-SE and M3X Rugged Servers

• 5 ways to prevent Ransomware attacks

• Security frameworks / attestations and certifications: Which one is the right fit for your organization?

• AT&T Cybersecurity’s Partner Program and SentinelOne enter managed XDR market with robust alliance

• Suspicious behavior: OTX Indicator of Compromise – Detection & response

• CISA Adds Three Known Exploited Vulnerabilities to Catalog  

• New Tesla Hack Gives Thieves Their Own Personal Key

• Russia Says West Risks Direct Military Clash Over Cyber Attacks

• Optimism Crypto Project Hopes Hacker Will Give Back $15 Million

• Ministry Of Defence Acquires Government’s First Quantum Computer

• Expect Downtime Next Week For Packet Storm

• Medical Device Security Offers Proving Ground for Cybersecurity Action

• The Chatter Podcast: Private Sector Intelligence with Lewis Sage-Passant

• Learn what’s new in Azure Firewall

• Russian Evil Corp changes tactics to avoid sanctions

• HoloLens Creator Leaves Microsoft Amid Misconduct Allegations

• #RSAC: How to Fix IoT Security with Digital Twins

• Uptycs: Observability Is Key to Cloud Security

• CISA Adds Three Known Exploited Vulnerabilities to Catalog  

• “Legacy” cryptography in Fedora 36 and Red Hat Enterprise Linux 9

• Apple Launches Passkey Feature For Password-less Verification

• MyEasyDocs Exposed 30GB of Israeli and Indian Students PII Data

• Top GRC Tools & Software for 2022

• Why AIs Will Become Hackers

• Automox Adds Automation to Patching, Vuln Management

• China’s Attacks on Telecom Providers Were Exposed by US

• Effective Cybersecurity for eCommerce Sites

• One In Ten Staff Want To Leave Over Tech Frustrations, Says Freshworks

• 37 Major Companies and Organizations Pledge to Enhance Cyber Resiliency and Counter Evolving Global Threats

• ReliaQuest Bolsters Extended Detection With Threat Intelligence

• Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia

• The cost of ransomware: Should you pay the ransom?

• Are you maximizing your digital transformation investments with modernized app onboarding?

• The Growing Risk in Cyber Risk Management

• Feds Take Down SSNDOB Marketplace for Selling Private Data of 24 Million US Citizens

• Twitter Used Two-Factor Login Details for Ad Targeting

• Summer holiday season fuels upswing of travel-themed spam

• Facebook users targeted in massive phishing campaign

• ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat

• Beware of Fake CCleaner Search Results that Deliver Information-stealing Malware

• One Size Does Not Fit All Organizations

• ‘Follina’ Vulnerability Exploited to Deliver Qbot, AsyncRAT, Other Malware

• How Poor Communication Opens the Door to Ransomware and Extortion

• Celebrate the Release of Our 100th PG-Practice Machine

• Why Smishing And Vishing Attempts Surged In 2021?

• Apple Will Be Launching Passwordless Logins, What Do You Think?

• BlackBasta is the latest ransomware to target ESXi virtual machines on Linux

• Twitter To Supply Elon Musk With Bot Data – Report

• US Details Chinese Attacks Against Telecoms Providers

• S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]

• What Do Transparency and Data Sharing Really Mean?

• The Real Cost Of Cyber-Attacks: What Organizations Should Be Prepared For

• New Research Says Technobabble Needs To Be Stamped Out To Broaden Sector’s Appeal

• Whats The Problem With UK Govt Buying Quantum Computer

• What Do You Think Of CISA Latest Alert Warning Exploitation Of Network Providers And Devices By Chinese-backed Threat Actors?

• This new Linux malware is ‘almost impossible’ to detect

• Are 14-character minimum-length passwords secure enough?

• Update now! Patch against vulnerabilities in Meeting Owl Pro and Whiteboard Owl devices

• Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector

• Lower costs with Cloud-delivered Firewall Management Center

• Apple’s passkeys attempt to solve the password problem

• Surfshark and ExpressVPN Exit India After Intrusive Law Implementation

• Symbiote Deep-Dive: Analysis of a New, Nearly-Impossible-to-Detect Linux Threat

• Summary of Symbiote Research (A New, Nearly-Impossible-to-Detect Linux Threat)

• Even the Most Advanced Threats Rely on Unpatched Systems

• Millions of Users Have Been Enticed to Phishing Pages in Massive Campaign Exploiting Facebook Messenger

• Symantec: More malware operators moving in to exploit Follina

• Cloud computing: Here’s the security threat you should be most worried about

• CISA warning: Hackers are exploiting these 36 “significant” cybersecurity vulnerabilities – so patch now

• RSA Conference 2022 – Announcements Summary (Day 3)

• Smartphones and Civilians in Wartime

• UK Government Acquires Its First Quantum Computer

• The most common exploit paths enterprises leave open for attackers

• New Emotet Variant Scrapes Google Chrome Credit Card Info

• May 2022’s Most Wanted Malware: Snake Keylogger returns to the index in eighth place following email campaigns delivering the malware via PDF files

• What role did a viral pandemic play in cyber security consolidation?

• Threat Actors Start Exploiting Meeting Owl Pro Vulnerability Days After Disclosure

• A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

• New Emotet variant uses a module to steal data from Google Chrome

• Five Eyes alliance’s top cop says techies are the future of law enforcement

• MoD Acquires Government’s First Quantum Computer – Report

• Reports: Twitter to Provide Musk With Raw Daily Tweet Data

• Man Arrested for Sharing Info on 3D-Printed Weapons

• UK Joins Quantum Arms Race with First Computer

• Hacked Instagram accounts are scamming users

• DefenseStorm Raises $15 Million for Banking Security and Compliance Platform

• Over Half of CISOs Struggling for Board Investment

• Large Scale Phishing Campaign on Facebook Messenger Generates Millions in Ad Revenue

• Would you watch TV on the road?

• Unofficial Security Patch Released For Microsoft Zero-Day Vulnerability

• Tainted CCleaner Pro Cracker spreads via Black Seo campaign

• Apple’s New Operating Systems: macOS Ventura, iOS 16, & iPadOS 16 – Intego Mac Podcast Episode 243

• Avast Ultimate Business Security upgrade for existing customers

• RSA – Digital healthcare meets security, but does it really want to?

• Ransomware attacks have increased by 80% year-over-year

• Photos: RSA Conference 2022 Early Stage Expo

• Code42 adds watchlists functionality to its Incydr product to help teams manage insider risk events

• Do you know what your supply chain is and if it is secure?

• Malwarebytes DNS Filtering helps IT and security teams block access to malicious websites

• New Emotet Variant Stealing Users’ Credit Card Information from Google Chrome

• Photos: RSA Conference 2022, part 2

• How to build security for the metaverse

• Five Eyes alliance’s top Cop says techies are the future of law enforcement

• Lockbit 2.0 Ransomware targets Cybersecurity firm Mandiant

• CISA issues advisory on Chinese Cyber Threat to US Telecoms and ISPs

• Getting to grips with SaaS security

• Epoch Concepts Supports the USSF on a Massive Multi-Year Project by Providing IT Enabling Infrastructure

• Intelligent Waves’ Phantom, Cybersecurity Solution for Cloud Workload Protection, Named Editor’s Choice By Cyber Defense Magazine at the 2022 Global InfoSec Awards

• Exabeam Partners with Google Cloud to Create Hyperscale Cloud-native SIEM and Cybersecurity Analytics Offerings

• Building trust in a Zero-Trust security environment

• Healthcare is most likely to pay the ransom

• Top three most critical areas of web security

• What Is ISO/IEC 27017?

• Only 13.5% of IT pros have mastered security in the cloud native space

• Prometheus Ransomware’s Bugs Inspired Researchers to Try to Build a Near-universal Decryption Tool

• Supply chain attacks will get worse: Microsoft Security Response Center boss

• NetApp announces new innovations to simplify hybrid cloud operations

• Swimlane Turbine extends visibility and response for security teams

• Living Security Unify Insights allows organizations to identify human behavior risks

• #RSAC: Current Nation-State and Ransomware Gang Threat Trends

• Getting Started with Rapid7 InsightIDR: A SIEM Tutorial

• Testing & Evaluating SIEM Systems: A Review of Rapid7 InsightIDR

• Phishing Campaigns featuring Ursnif Trojan on the Rise

• How to Recognize an Online Scammer

• Wedding Planning App Users Hacked Before the Big Day

• 8 Ways to Know If Online Stores Are Safe and Legit

• How to Know If Your Mobile Finance Apps Are Safe

• Now Windows Follina zero-day exploited to infect PCs with Qbot

• Anjuna Security: Tapping ‘Confidential Computing’ to Secure Data, Users, and Organizations

• Security & Productivity: The New Power Couple

• SSNDOB Cybercrime Marketplace Seized in Intl. Coordinated Operation

• Why you need your boss’s boss to embrace agile

• Kovrr partners with Microsoft to help enterprises mitigate their cyber risk exposure

• Immuta raises $100 million to meet accelerated global demand for data security

• Schneider Electric collaborates with Claroty to enhance industrial cybersecurity

• #RSAC: How To Deal With a Panicked C-Suite During a Ransomware Event

• Cracking the Email Security Code: 12 Best Practices for Small and Midsize Businesses

• Concentric: How To Maximize Your AI Returns, In and Out of the SOC

• DeepSurface Security: Risk-Based Prioritization Adds New Depth to Vulnerability Management

• Connected vehicle, infrastructure data drives roadway safety

• NIST offers $1 million for next-gen incident command dashboards

• Work smarter and safer from anywhere with Getflix VPN

• #RSAC: The Most Dangerous Attacks of 2022

• Lookout: Getting It Right at the Secure Service Edge

• How a Saxophonist Tricked the KGB by Encrypting Secrets in Music

• Dragos OT-CERT improves security posture for industrial asset owners and operators

• OwnBackup hires Courtnee LeClaire as CMO and Alyssa Lahar as CPO

• IT Security News Daily Summary 2022-06-08

• MakeMoney malvertising campaign adds fake update template

• States try incentive-based cybersecurity

• 0Patch released unofficial security patch for new DogWalk Windows zero-day

• Radio waves for the detection of hardware tampering

• CISA director promotes collaboration and trust at RSAC 2022

• TSP participants bemoan bumpy recordkeeper transition

• Facebook Faces Massive Suit Alleging It Put Users’ Profiles In Sponsored Advertising

• The White House just pulled its nominee to fill the still-vacant job of federal procurement chief

• How one paper just blew up Bitcoin’s claim to anonymity

• Talon Grasps Victory at a Jubilant RSAC Innovation Sandbox

• Momentum and money

• SSNDOB Market domains seized, identity theft “brokerage” shut down

• Black Basta Ransomware Targets ESXi Servers in Active Campaign

• Platform Liability Trends Around the Globe: Moving Forward

• Google has more reasons why it doesn’t like antitrust law that affects Google

• Microsoft Slashes Russia Operations, Axes 400 Staff

• Vendor Security Network Boosted With Whistic Announcing $35m Funding Round

• What TrickBot Tells Us About The Future of Malware

• SideWinder Hackers Have Planted a Bogus Android VPN Program

• Welcoming the Indonesian Government to Have I Been Pwned

• Bitwarden vs 1Password: Password manager comparison

• Snowflake Launches Cybersecurity Workload to Find Threats Across Massive Data Sets

• CISA Reveal Chinese Hackers Tactics Targeting US Telecoms and Network Service Providers

• Summit of the Americas: An Opportunity to Address China’s Growing Influence over Latin America’s Mineral Resources

• ASC X9 Launches Effort To Develop New Standard That Will Enhance QR Code Security Via Cryptography

• Ridge Security Announces Security Validation Hyperautomation Solution at RSAC 2022

• CyberSheath Opens Registration For CMMC CON 2022

• How to create a continuous lifecycle for your IT Policy Management

• Challenges that impact the Cybersecurity talent pipeline

• Google Fixes Critical Vulnerabilities Affecting Android Devices

• Ten Percent Of Twitter Accounts Posting Spam, Says GlobalData

• It Doesn’t Pay to Pay: Study Finds Eighty Percent of Ransomware Victims Attacked Again

• CISA Adds 36 Known Exploited Vulnerabilities to Catalog 

• Feds Raid Dark Web Market Selling Data On 24 Million Americans

• Data For 2 Million Patients Stolen In Largest Healthcare Breach So Far In 2022

• Osmosis Blockchain Taken Offline After Hacker Steals $5m

• Maiar Exchange Taken Offline After Hacker Steals $113m

• Black Basta Ransomware Teams Up With Malware Stalwart Qbot

• Awful 4chan chat bot spouts racial slurs and antisemitic abuse

• Reverse Tunnels and URL Shorteners Employed by Attackers to Launch Phishing Campaign

• CTOs n CISOs quitting jobs because of ransomware fear

• Ofcom Updates Law To Protect Last Remaining Phone Boxes

• Telegram Shared Personal User Data With German Authorities

• MongoDB: From jokes to juggernaut

• CISA Adds 36 Known Exploited Vulnerabilities to Catalog 

• Containers vulnerability risk assessment

• The EU’s New Message-Scanning Regulation Must Be Stopped

• Minimalistic OffSec Scanner – A Powerful TCP and UDP Scanner

• Four Best Practices For Ransomware Protection

• Access Management Firm Opal Launches With $10 Million Series A Investment

• SSNDOB Market servers seized, identity theft “brokerage”” shut down

• Five Ways Cyber Attackers Leverage Bad Bots to Commit Automated Fraud

• Phishing: use of reverse tunnel services to avoid detection and shutdown increases

• Feds raid dark web market selling data on 24 million Americans

• Researchers Warn of Unpatched “DogWalk” Microsoft Windows Vulnerability

• Reinventing Cambridge Analytica One Good Intention at a Time

• Photos: RSA Conference 2022, part 1

• Your Resistance Pauses Axon’s Dangerous Drone Tasers

• IBM Closes Down Russian Operation, Lays Off Staff

• Taming the Digital Asset Tsunami

• Cybercriminals use automated bot to bypass 2FA authentication at wide scale

• CISA Clarifies Criteria for Adding Vulnerabilities to ‘Must Patch’ List

• #RSAC: How the US Government and Industry Work Together to Stop Cyber-Attacks

• How Do We Secure Our Cities From Attack?

• US dismantled and seized SSNDOB cybercrime marketplace

• Router security in 2021

• 5 Linux malware families SMBs should protect themselves against

• Intel offers ‘server on a card’ reference design for network security

• New Security and Privacy Features in macOS Ventura, iOS 16, and iPadOS 16

• Paying Ransomware Paints Bigger Bullseye on Target’s Back

• Data Breach at Shields Health Care Group Impacts 2 Million Patients

• SSNDOB stolen data marketplace shut down by global law enforcement operation

• TSMC Rules Out European Chip Factory For Now

• Fronton Botnet Attacks: Why Enterprises Should Worry

• NSA, FBI warning: Hackers are using these flaws to target VPNs and network devices

• OSINT Authentication Firm 443ID Emerges From Stealth with $8 Million Seed Funding

• Google Ordered To Pay Australian Politician Over Defamatory Youtube Videos

• RSA Conference 2022 video walkthrough

• Tried And Tested Ways To Protect Your Mac Device

• Android security: Google updates fix these five critical vulnerabilities

• Cloud Data Access Firm Immuta Raises $100 Million

• Owl Labs Patches Severe Vulnerability in Video Conferencing Devices

• OffSec Live

• High-Stakes Heists: 7 Films That Do It Right

• Apple’s ‘Passkeys’ Could Lead To Passwordless Future

• Why Shields Health Care Group Suffers Data Breach? Expert Weighs In

• Rogue Actors Slipping Through The Cracks Into Business’ Internal Networks

• Italian City Of Palermo Shuts Down All Systems To Fend Off Cyberattack

• Chinese State-backed Actors Hack Telecom Firms to Steal Data

• How to Recover From a Ransomware Attack

• Black Basta Ransomware Teams Up with Malware Stalwart Qbot

• RSA Conference 2022 – Announcements Summary (Day 2)

• Leaking Military Secrets on Gaming Discussion Boards

• New NHS Digital Materials Aim to Boost Cybersecurity Awareness in Social Care Organisations

• Privilege Escalation in Azure: Keep your enemies close, and your permissions closer

• 443ID launches with OSINT-driven identity and access management solution

• SSNDOB Cybercrime Marketplace Taken Down by Law Enforcement

• Ransomware Pressure Forces UK CISOs to Consider Quitting

• New Report Shows That Smishing Attempts Soared in 2021

• Qrypt collaborates with Vaultree to offer encrypted data processing technology for customers

• Qbot – known channel for ransomware – delivered via phishing and Follina exploit

• Deadbolt Ransomware Uses Multi-Tiered Extortion

• MongoDB grows up

• Whistic Raises $35 Million in Series B Funding for Vendor Security Network

• US and Euro Police Smash Cybercrime Marketplace

• Is Streaming Too Much Harmful or Beneficial to Your Health?

• Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques

• Attacker Dwell Time Surges 36% in 2021

• China-linked threat actors have breached telcos and network service providers

• Italian Municipality of Palermo Suffers Cyberattack

• Onapsis’ product updates strengthen business application security

• NetWitness XDR helps analysts detect known and unknown attacks

• Coffee app in hot water for constant tracking of user location

• Taiwan Bans Most Chip Exports To Russia, Belarus

• Evil Corp Hacker Group Changes Ransomware Tactics After U.S. Sanctions

• Intruder dwell time jumps 36%

• SafeBreach Studio enables security teams to automate and scale red-team exercises

• Best Construction Workforce Management Solutions

• Forcepoint unveils new solutions to simplify connectivity and network security for enterprises

• U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers

• Acronis Advanced DLP protects businesses and MSPs from data leakage

• 82% of CIOs believe their software supply chains are vulnerable

• Black Basta ransomware now supports encrypting VMware ESXi servers

• Arctic Wolf announces cyber insurance readiness tool to help organizations manage their security posture

• Beijing-backed baddies target unpatched networking kit to attack telcos

• Cyber Security Management System (CSMS) for the Automotive Industry

• FakeCrack: Crypto stealing campaign spread via fake cracked software

• US cyber chiefs: Moving to Shields Down isn’t gonna happen

• FBI Seizes ‘SSNDOB’ ID Theft Service for Selling Personal Info of 24 Million People

• Ransomware attacks keeping the educational sector on its toes

• Ukraine’s secret cyber-defense that blunts Russian attacks: excellent backups

• NVIDIA offers Medical Computing Platform with Artificial Intelligence

• Black Basta Ransomware gang partners with QBot malware

• LastPass introduces passwordless Vault access

• Recovery and resilience: CISO insights into the 2022 cybersecurity landscape

• Trellix Partners with Hispanic Alliance for Career Enhancement to Boost Cybersecurity Workforce

• MetricStream and OCEG Survey Shows Businesses are Seeking Connected GRC Systems to Ensure Risk Readiness and Resiliency

• PIXM Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2022

• Spin Technology Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2022

• CMMC 2.0: key changes

• Barely one-third of IT pros can vet code for tampering

• Ransomware: A Beginner’s Guide to Threat Detection

• Pandemic-related identity fraud: How serious is it?

• Bridging the IT/OT gap with Tripwire’s Industrial Solutions

• Now Is the Time to Plan for Post-Quantum Cryptography

• Zero trust segmentation eliminates 5 cyber disasters per year and saves $20+ million annually

• RSA – Spot the real fake

• Elastic Security for Cloud expands visibility and protection of cloud-native environments

• Cyware CTIX 3.0 improves risk planning and defensive posture for security teams

• Trulioo platform update provides enhanced proof of address and anti-money laundering offerings

• Why Phishing Is Still the Top Attack Method

• What TrickBot tells us about the future of

• LastPass allows customers to access their vault with a passwordless login

• Cyber Security Giant Mandiant Denies Hacking Claims By LockBit Ransomware

• How to Quickly Remove Malware in 2022

• Disinfo and Hate Speech Flood TikTok Ahead of Kenya’s Elections

• #RSAC: Schneier Declares AI Hacking Will Favor Defense

• #RSAC: Collective Effort Required to Strengthen National Cybersecurity

• Deepfence partners with Lightstream to enhance security posture for enterprises

• Data for 2 million patients stolen in largest healthcare breach so far of 2022

• Linux version of Black Basta ransomware targets VMware ESXi servers

• Apple’s New MacBook Air Brings Back MagSafe for All

• Apple’s “next generation” of CarPlay plans to take over every screen in your car

• #RSAC: Cryptographers Panel Outlines Perils of Adversarial AI and Blockchain

• Relativity integrates with Box to enable direct data collection for e-discovery

• GoSecure and TPx launch Managed IDR service to protect organizations from advanced email threats

• Expel collaborates with Armis to provide critical coverage of customers’ ecosystems

• An Emerging Threat: Attacking 5G Via Network Slices

• People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

• People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

• HackNotice raises $7 million to help companies fight against cyber threats

• Forescout acquires Cysiv to deliver data-powered analytics for 24/7 threat detection and response

• GitHub adds supply chain security tools for Rust language

• DOE shares playbook for energy emergencies

• #RSAC: Cybersecurity Industry Can Provide Soulful Jobs for Technologists Tired of Soulless Social Media Employers

• People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

• People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

• GAO tags unemployment insurance as ‘high risk’

• LiveAction appoints Francine Geist as CEO

• Lawmakers grill VA cyber officials over stalled progress cybersecurity

• Ransomware Task Force priorities see progress in first year

• IT Security News Daily Summary 2022-06-07

• AppOmni raises $70M to secure orgs’ SaaS apps

• Smart cameras automate recording, boost police transparency

• Smart edge infrastructure expands capacity, real-time data access

• How to use AI in cybersecurity?

• Lawmakers want to know how much bad software costs DOD

• Microsoft flags common pitfalls for cyber insurance

• After the Cawthorn Ruling, Can Trump Be Saved From Section 3 of the 14th Amendment?

• Elastic releases security solution for the cloud

• Zitadel targets developers with open-source identity management platform

• AppOmni Raises $70 Million to secure orgs’ SaaS apps

• What’s the best place for an EV charging station?

• SUSE doubles down on security in its latest SUSE Linux Enterprise 15 release

• EU Agrees Common Mobile Charging Port, In Blow To Apple

• Elastic releases Elastic Security for Cloud

• Ransomware Task Force calls for better incident reporting

• Facebook Whistleblower Believes The Company Can’t Recover Until Zuckerberg Steps Down

• Mandia: Keep ‘Shields Up’ to Survive the Current Escalation of Cyberattacks

• Watchdog finds cyber risks in TVA control systems

• IBM to Acquire Randori for Attack Surface Management Tech

• 8 benefits of DevSecOps automation

• #RSAC: The Growing Relevance and Challenges of Privacy

• A third of organizations hit by ransomware were forced to close temporarily or permanently

• Technical Details Released for Recently Patched Zyxel Firewall Vulnerabilities

• Google Publishes Monthly Android Security Bulletin, Patches Critical Vulnerabilities

• Reverse Tunnelling & URL Shortening Services Used in Evasive Phishing

• Russian Ministry Website Hacked to Display “Glory To Ukraine” Message

• Driverless taxis hit city streets

• Do AI systems really have their own secret language?

• Apple Announces New Security Update Feature in iOS 16, macOS Ventura

• Top Cybersecurity Companies for 2022

• Multilevel Extortion: DeadBolt Ransomware Targets Internet-Facing NAS Devices

• NFTs Worth 200 Ether Were Stolen From the Bored Ape Yacht Club

• Nearly half of organizations hit by ransomware lost business as a result

• SVCReady: A New Loader Gets Ready

• Spanish Judge to Seek Testimony From NSO on Pegasus Spyware

• Using SSH tunneling for good and evil

• RSAC Opens With Message of Transformation

• How the C-Suite Puts Shoulders Into Zero Trust in 2022

• Apple’s Safety Check combats domestic abuse but timing its use is critical

• Humans and identity are constants in the ever-changing world of cybersecurity

• Evil Corp Hacker Group Changes Ransomware Tactics to Evade US Sanctions

• When DRM Comes For Your Wheelchair

• Virtual desktop infrastructure security best practices

• e360 Recognized by CRN® as One of North America’s Top Performing IT Solution Providers

• How DNS filtering can help protect your business from Cybersecurity threats

• GrammaTech to Host Cyber Thriller Book Signing at RSA 2022 with Deb Radcliff

• NSO Boss To Be Questioned By Spanish Judge Over Spyware Claim

• Joomla Security in 2022 – Best Practices To Secure Your Website

• Humans still weakest link in cybersecurity

• Know your enemy! Learn how cybercrime adversaries get in…

• Microsoft details zero-trust transition, challenges

• Enterprise Security Around the Dinner Table

• Hackers can take over accounts you haven’t even created yet

• Apple Blocks Millions of Apps and Restricts User Accounts

• New Specops Password Policy Detects and Blocks in User’s Active Directory

• Apple to say goodbye to Passwords with its MacOS Ventura Passkeys

• Apple Just Killed the Password—for Real This Time

• Owl Labs Releases Security Updates for Meeting Owl Pro and Whiteboard Owl

• Boosting your XDR Potential with Device Insights and Kenna Integrations

• Microsoft Seizes 41 Domains Tied To Iranian Phishing Ring

• Microsoft Won’t Say If It Will Patch Critical Windows Vuln Under Exploit

• Attackers Use Public Exploits To Throttle Atlassian Confluence Flaw

• Follina Exploited By State-Sponsored Hackers

• Spanish Court Calls CEO Of Israel’s NSO Group To Testify In Spying Case

• Beware of scams involving jobs, stimulus checks and tax refunds, IRS warns

• Hackers are now hiding inside networks for longer. That’s not a good sign

• DNI Avril Haines: Cybersecurity is getting harder

• KrebsOnSecurity in New Netflix Series on Cybercrime

• Owl Labs Releases Security Updates for Meeting Owl Pro and Whiteboard Owl

• Protect Your Executives’ Personal Digital Lives to Protect Your Company

• AI for Cyber Threat Intelligence – Challenges and Mitigation Approaches

• The Need for Automated Remediation in SaaS Security

• How to Solve a CISO’s Worst Nightmare

• Texas AG Investigates Twitter For ‘Deceptive Practices’ Over Bots

• How to install Maltrail for malicious traffic detection on your network

• Evil Corp gang starts using LockBit Ransomware to evade sanctions

• Getting a list of fixes for a Red Hat product between two dates is easy with daysofrisk.pl

• Rotten apples banned from the App store

• Just Released: 2022 (ISC)² Security Congress Agenda!

• WWDC 2022: Apple ‘All New’ MacBook Air, MacBook Pro

• New Dragos OT-CERT Provides Free Industrial Cybersecurity Resources

• Cybersecurity Industry Leaders Launch Campaign to Close the Cybersecurity Talent Gap

• Akamai Launches New Malware Protection for Uploaded Files

• 7 NFT Scams That Could Be Targeting Your Brand

• BlackBerry launches CylanceGATEWAY ZTNA-as-a-service solution

• Cyber Risk Retainers: Not Another Insurance Policy

• RSA Conference 2022 – Announcements Summary (Day 1)

• Snowflake Debuts Cybersecurity Workload to Aid Visibility, Automation

• CyberRatings.org Announces Test on Cloud Network Firewall

• Forescout Announces Intent to Acquire Cysiv to Deliver Data-Powered Threat Detection and Response

• CISA Challenges Partners and Public to Push for ‘More Than a Password’ in New Social Media Campaign

• A Long-Awaited Defense Against Data Leaks May Have Just Arrived

• Three Reasons Why Unification Drives Modern Data Security Strategy

• Cequence Security Unified API Protection enables security teams to protect their APIs

• Ransomware Gangs Now Employ a New Technique

• How to Create Identity and Access Governance In and Across Clouds

• Cybersecurity awareness training: What is it and what works best?

• Follina Exploited by State-Sponsored Hackers

• Conducting Modern Insider Risk Investigations

• RSA Conference 2022 – Vendor Announcements Summary (Day 1)

• Evil Corp Cybercrime Group Shifts to LockBit Ransomware to Evade Sanctions

• Stamus Networks U38 provides earlier detection of cyber threats for customers

• How do I recover data from an old laptop if I’ve forgotten the password? [Ask ZDNet]

• 4 Ways to Close the OT Cybersecurity Talent Gap

• MITRE System of Trust identifies and quantifies supply chain security risks

• PuTTY SSH Bruteforce Login Script

• Suse bolsters security in Linux Enterprise 15 update

• Cybereason: Paying ransoms leads to more ransomware attacks

• Cybereason Ransomware True Cost To Business Study Reveals Organisations Pay Multiple Ransom Demands

• Apple Blocks Over A Billion Attacks On The App Store

• Apple unveils passkeys for passwordless authentication to apps and websites

• Apple Presents macOS Ventura, iOS 16, iPadOS 16, and New Macs

• Threat Actors Exploit Microsoft ‘Follina’ Bug to Attack Europe and U.S. Entities

• Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

• Period-Tracking and Fertility Apps Can Put Women Seeking Abortions at Risk

• Microsoft’s Digital Crimes Unit Takes Legal Action Over Spear-Phishing Attacks by Bohrium Hackers

• QBot Now Attacks Using Black Basta Ransomware

• WWDC 2022: Apple Unveils Powerful M2 Chip

• 4 Tips for an Airtight Kubernetes Security Policy

• Security Awareness Firm CybSafe Bags $28 Million in Series B Funding

• Ukrainian Officials’ Phones Targeted by Russian Hackers

• SimSpace platform enhancements help security teams validate their incident response operations

• Google Patches Critical Android Vulnerabilities With June 2022 Updates

• Hacking Scenarios: How Hackers Choose Their Victims

• Motorola’s Unisoc Chips Found to Contain Vulnerability

• WWDC 2022: Apple Announces New iPhone, iPad Operating System

• Smishing and Vishing Attempts Surged in 2021

• Gloucester Council IT Systems Still Affected Six Months After Cyber-Attack

• Social Care Organizations Get Cybersecurity Boost

• Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware

• IBM acquires Randori to strengthen its portfolio of AI-powered cybersecurity products and services

• This Is the Noteworthy Commitment of Quantum Signing Up: a Million Qubits and Screw Up Correction During 10 Years

• How to Pick the Gathering That Best Watches Out for Your Tech Association?

• NERC CIP Audits: Top 8 Dos and Don’ts

• Cyber-Attack Surface “Spiralling Out of Control”

• Black Basta ransomware operators leverage QBot for lateral movements

• Cisco announces innovations for end-to-end security across hybrid multi-cloud environments

• What It’s Like to Progress Forward During a Period Including an IPhone 13 Pro After Years as an Android Client

• Optiv CRS protects mission-critical assets and enhances recovery

• Looking for adding new detection technologies in your security products?

• Tenable closes acquisition of Bit Discovery and announces new solution to reduce cyber risk

• Authorities Taken Down WeLeakInfo and other Domains Providing DDoS Service

• Apple’s New Feature Will Install Security Updates Automatically Without Full OS Update

• Uptycs unveils functionality for CNAPP use cases to help organizations detect new cloud-based risks

• Does Windows 10 or 11 Need Antivirus Software?

• Attackers aren’t slowing down, here’s what researchers are seeing

• Why you should worry about medical ID theft

• How to create awareness and mitigate data loss incidents

• Bots compromise Jersey Computers to use them for Cyber Attacks

• Motorola mobiles suffering from stack overflow vulnerability

• Trellix Showcases Security’s Soulful Work and Award-Winning Tech at RSA® Conference

• IronNet Wins Award for Advanced Persistent Threat Detection

• Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices

• How to stay ahead of the Cybersecurity labor crisis and keep growing your business

• Stories from the SOC – Persistent malware

• Turning the tables on cyber attackers

• Ransomware attacks setting new records

• Boards, CEOs demand software supply chain security improvements

• Personal Data of 30,000+ Students Disclosed in Unsecured Database

• Cynet Automated Response Playbooks empowers security teams to reduce their alert investigation

• Business fit report: Echoworx Email Encryption

• Pindrop platform enhancements monitor fraudulent attempts to pass voice verification

• Deepwatch launches MXDR service to improve threat detection for enterprises

• BigID unveils SmallID to help customers improve security posture across the cloud

• FortiRecon gives enterprises adversary’s perspective of their attack surface

• Akamai Malware Protection blocks malicious files uploaded to web apps and APIs

• Chinese ride-hailing giant Didi surged 24% after report that regulators are ending probes

• #RSAC: The Changing Work of the Cyber-Threat Intelligence Community

• Juniper Networks expands its SASE offering with CASB and DLP capabilities

• IBM buys Randori to address multicloud security messes

• Top Secure Access Service Edge (SASE) Providers

• Musk Threatens to Walk Away From Twitter Deal

• DOD recommends NIST align frameworks for cybersecurity risk management

• Microsoft seizes 41 domains tied to ‘Iranian phishing ring’

• Thales collaborates with Palo Alto Networks to deliver new security integrations for businesses

• Absolute partners with leading ISVs to boost resiliency of their endpoint applications

• Bipartisan bill proposes new federal data privacy standards

• Renee Guttmann joins Kovrr Advisory Board

• AppOmni raises $70 million to help enterprises secure their entire SaaS environments

• Perimeter 81 raises $100 million to accelerate product development

• OVO Energy selects Noetic Cyber to gain better context and understanding of their cyber risk

• RSA 2022: Prometheus ransomware’s flaws inspired researchers to try to build a near-universal decryption tool

• iOS 16 cheat sheet: Complete guide for 2022

• MacOS malware attacks slipping through the cracks

• Ransomware’s ROI Retreat Will Drive More BEC Attacks

• Vulnerability Summary for the Week of May 30, 2022

• Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

• Cisco EVP: We need to lift everyone above the cybersecurity poverty line

• New report points to cyber risks in TVA control systems

• Apple touts Passkey, its new privacy feature, at WWDC 2022

• Vulnerability Summary for the Week of May 30, 2022

• Microsoft Autopatch is here…but can you use it?

• IT Security News Daily Summary 2022-06-06

• FBI warns of scammers soliciting donations for Ukraine

• RecoLabs hopes to secure enterprise collaboration

• Brush up on phishing detection to prevent ransomware

• Ransomware attacks may be tough to stop, but here’s how to recover

• Speech-Related Offenses Should be Excluded from the Proposed UN Cybercrime Treaty

• Cyber competition builds skills, teamwork

• Communication Is Key to CISO Success

• Microsoft seized 41 domains used by Iran-linked Bohrium APT

• Authy vs Google Authenticator: Two-factor authenticator comparison

• Kinsta vs WP Engine: Managed WordPress hosting comparison

• Network Security Firm Perimeter 81 Closes $100 Million Funding Round

• Major DDoS attacks increasing after invasion of Ukraine

• BigID Introduces Cloud Data Security On Demand

• Optiv Launches Cyber Recovery Solution Focused on Protection and Rapid Recovery

• Delivering emergency alerts to vehicle infotainment systems

• US Supreme Court Seeks Biden Input On WhatsApp’s NSO Lawsuit

• EEOC will keep online mediation around post-Covid

• Federal broadband strategies ‘fragmented and overlapping,’ GAO says

• Threat Awareness Firm HackNotice Raises $7 Million

• RSA Conference 2022: Adjusting to ongoing transformation

• Reno mayor touts potential of blockchain, NFTs as city embarks on new pilot programs

• Thousands of unprotected Elasticsearch databases are being ransomed

• Polonium Assaults Against Israeli Organizations were Blocked by Microsoft

• IBM to Acquire Randori, Transforming How Clients Manage Risk with Attack Surface Management

• Report: Facebook Hosts A Stunning Amount Of Cryptocurrency Fraud

• IBM to Buy Attack Surface-Management Firm Randori

• RangeForce Named Cutting Edge Cybersecurity Training Platform in Global InfoSec Awards at RSA Conference 2022

• Hypori Wins Most Innovative Mobile Device Security Solution at the 10th Annual Global InfoSec Awards, Presented at the 2022 RSA Conference

• Horizon3.ai Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2022

• Mandiant Secures Two Coveted Global InfoSec Awards During RSA Conference 2022

• AT&T Cybersecurity’s Partner Program and SentinelOne enter managed XDR market with robust alliance

• Fronton Botnet Attacks — Why Enterprises Should Worry?

• A hopeful update on the President’s Management Agenda

• How to always access your locked iOS device

• Critical Vulnerability Found in Motorola’s Unisoc Chips

• Attackers Use Underground Hacking Forum to Strip Activation Lock from iPhones

• Russian Construction and Housing website hacked for war on Ukraine

• RSAC 2022 trends: IBM, CrowdStrike and Wiz look to secure cloud attack surface

• State-Backed Hacker Believed to Be Behind Follina Attacks on EU and US

• The CISO Shortlist: Top Priorities at RSA 2022

• Cybersecurity M&A Activity Shows No Signs of Slowdown

• Long Story on the Accused CIA Vault 7 Leaker

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Musk May Drop Twitter Deal If Fake Account Data Not Provided

• Complete Guide to Keylogging in Linux: Part 2

• FBI warning: This gang steals data for ransom, then makes harassing phone calls to pile on the pressure

• Small business cybersecurity: Avoid these 8 basic mistakes that could let hackers in

• Seagate Technology and the Case of the Missing Huawei FDPR Enforcement

• Hack Global, Buy Local: The Inefficiencies of the Zero-Day Exploit Market

• Announcing 2022 Microsoft Security Excellence Awards winners

• Atlassian Patches Confluence Zero-day Vulnerabilities

• A Severe Zero-Day Vulnerability Riddles Microsoft Office

• Researcher Discloses A WordPress CSP Bypass Publicly After Not Hearing From the Publishers

• Real Security Concerns Are Scarier Than Doomsday Predictions

• Apple protected App Store users from $1.5 billion fraud last year

• Critical Account Takeover Vulnerability Patched in GitLab Enterprise Edition

• 10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users

• Security Resilience for a Hybrid, Multi-Cloud Future

• Australian Court Orders Google To Pay Politician Over ‘Abusive’ YouTube Videos

• Apple Blocked 1.6 Million Risky, Vulnerable Apps in 2021

• Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices

• Russian Ministry Website Appears Hacked

• Ransomware Attacks Have Dropped. Gangs Attack Each Other’s Victims

• Costa Rican Government Held Up By Ransomware… Again

• Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves

• Is SEO Better Than Paid Ads?

• Armis unveils Industry’s first End-to-End Risk-Based Vulnerability Lifecycle Management

• Ransomware Viruses Are Not Going Away

• Are You Ready for a Breach in Your Organization’s Slack Workspace?

• AlphaBay Is Taking Over the Dark Web—Again

• Qualys VMDR 2.0 provides security teams with insights into an organization’s risk posture

• LastPass joins the FIDO passwordless movement

• Personal Information of Over 30,000 Students Exposed in Unprotected Database

• Gathering Momentum: 3 Steps Forward to Expand SBoM Use

• Name That Edge Toon: Hey, Batter Batter!

• Qualys VMDR 2.0 with TruRisk: Taking vulnerability management to the next level

• Lumu Incident View empowers security teams to prioritize incidents based on the progression of attacks

• Can You Be Tracked If You Use a VPN – 2022 Guide

• Microsoft’s new ‘autopatch’ service for Windows PC just took another step forwards

• Ransomware attacks have dropped. And gangs are attacking each other’s victims

• Cybersecurity M&A Roundup: 36 Deals Announced in May 2022

• Virtru launches OpenTDF project to offer orgs zero-trust data controls

• Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers

• Another nation-state actor exploits Microsoft Follina to attack European and US entities

• Apple Release 2021 Fraud Prevention Analysis

• Hosting Types and What to Look for in a Provider

• Amazon’s Consumer Boss, Dave Clark, Steps Down

• Virtru launches OpenTDF project to offer orgs zero trust data controls

• CISA Warned About Critical Vulnerabilities in Illumina’s DNA Sequencing Devices

• State-Backed Hackers Exploit Microsoft “Follina” Bug to Target U.S. and European Entities

• A week in security (May 30 – June 5)

• Most Reliable Hosting Company Sites in May 2022

• Apple: These are the sorts of apps we blocked from our App Store last year

• Demand for cyber risk insurance soars in Brazil

• Beating Ransomware With Advanced Backup and Data Defense Technologies

• Feature: Beating Ransomware With Advanced Backup and Data Defense Technologies

• Gloucester Council IT Systems Still Not Fully Operational Six Months After Cyber-Attack

• Digital Fingerprints Of A Million Child Abuse Images Made

• Malware Injected Into Every JavaScript File Controlling Thousands Of Sites

• A Warning To Enterprises: It’s Time To Retire On-prem; Migration To Cloud And Modern AppSec Tools Critical To Future Threats, What Do You Think?

• Singapore Officially Launches Digital Platform to Ease Supply Chain Data Flow and Improve Data Efficiencies

• What Is a CVE? Common Vulnerabilities and Exposures Explained

• Phishing Campaign Uses Reverse Tunnels and URL Shorteners

• Top Ways Big Companies Protect their Data

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022

• Critical U-Boot Vulnerability Allows Rooting of Embedded Systems

• Red TIM Research discovers a Command Injection with a 9,8 score on Resi

• 60GB of User Data Was Exposed by Australian Trading Company ACY Securities

• Chinese ride-hailing giant Didi surges 50% after report that regulators are ending probes

• Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme

• Maximize your cloud security with isolation zones

• Atlassian Patches Confluence Zero-Day as Exploitation Attempts Surge

• HackerOne OpenASM enables customers to leverage scan data from multiple vendors

• CrowdStrike is a buy as the macro environment becomes more uncertain, Morgan Stanley says

• Hackers Ended the Life of a 150+ Years Old College in Illinois

• Russian Ministry Website Hacked With Pro Ukraine Message

• EU To Agree Universal Mobile Charger Port On Tuesday – Report

• Activists Say Cyber Agency Weakens Voting Tech Advisory

• Russian Ministry Website Reportedly Hacked

• CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

• BEC attacks have risen 53% year-over-year

• How to prevent digital burnout

• OpenText expands its suite of security solutions to strengthen cyber resilience posture for enterprises

• Software developers, how secure is your software ?

• Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

• Skyhigh Security SSE platform enhancements protect data regardless of where it lies

• Tor’s (security) role in the future of the Internet, with Alec Muffett

• Cyber Attack news headlines trending on Google

• Elon Musk pushes Tesla AI Day to September 30 this year

• SMSFactory Android Malware Trick Victims to Subscribes to Premium Services

• Intelligence must drive strategic decisions

• Healthcare-specific cybersecurity problems and how to address them

• Perimeter 81 Secures $100 Million Series C Funding Led By B Capital, Leading to $1 Billion Valuation

• PentaFour Acquires Winterhawk Consulting from Pathlock

• CrowdStrike Reports First Quarter Fiscal Year 2023 Financial Results

• Tech pros have low confidence in supply chain security

• Four steps to successful empathetic investigations

• The costs and damages of DNS attacks

• Costa Rican government held up by ransomware … again

• HITRUST: the Path to Cyber Resilience

• High Seas and High Stakes Communications: Securing the Maritime Industry

• The Intigriti Ethical Hacker Survey 2022

• State-Backed Hackers Exploit Microsoft ‘Follina’ Bug to Target Entities in Europe and U.S

• BluBracket enhances its code security solution to help enterprises protect software supply chains

• Gurucul releases cloud-native SOC platform to improve security analyst effectiveness

• Neosec ShadowHunt identifies threats in business API traffic

• Yandex CEO Arkady Volozh resigns after being added to EU sanctions list

• Welcoming the Indonesian Government to Have I Been Pwned

• Novartis says no sensitive data was compromised in cyberattack

• Foxconn confirms Mexico facility was hit by a ransomware attack

• Motorola phones at risk of hacking with chip-level vulnerability

• IT Security News Weekly Summary – Week 22

• IT Security News Daily Summary 2022-06-05

• A New Paradigm for Absolute Zero Trust and Infrastructure Resiliency

• Secure access for a connected world

• Alert Fatigue Puts Your Organization at Risk; Here’s What to do about it

• How SD-WAN Enables Digital Transformation

• Need Micro-segmentation Superpowers? Visit ColorTokens at RSA

• PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

• Microsoft Disrupts Bohrium Hackers’ Spear-Phishing Operation

• U.S. Agencies Seize Domains Employed for Selling Credentials

• CrowdStrike to Participate in Upcoming Investor Conferences

• Security Affairs newsletter Round 368 by Pierluigi Paganini

• ACY Accidentally Exposes User Data On Web

• The Ukraine Strain in the U.S.-UAE Partnership

• Get a light, powerful cybersecurity device for under $300

• Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

• The Hacker Gold Rush That’s Poised to Eclipse Ransomware

• Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

• Week in review: Macro-less Office documents zero-day bug, FluBot takedown, growing DDoS threats

• Penetration testing

• CrowdStrike Ranks #1 in Worldwide Corporate Endpoint Security 2021 Market Shares

• Mirantis collaborates with Docker to accelerate application design and delivery for developers

Generated on 2022-06-12 23:59:31.776354