IT Security News Weekly Summary – Week 32

• IT Security News Daily Summary 2022-08-14

• The problem with our cybersecurity problem

• Cisco Confirms Network Breach After Employee’s Google Account was Hacked

• A flaw in Xiaomi phones using MediaTek Chips could allow to forge transactions

• Responsible use of machine learning to verify identities at scale

• Upcoming Speaking Engagements

• Network Perception CEO Robin Berthier to Speak at SCADA Tech Summit

• Rethinking How the United States Trains Foreign Militaries

• U.S. Bans Crypto Mixing Service Tornado Cash

• Thoughts on the Mar-a-Lago Search

• Microsoft Patch Tuesday August Fixes 120+ Vulnerabilities

• Palo Alto Warns About PAN-OS Vulnerability Under Attack

• Researchers Discover Zimbra Authentication Bypass Flaw Under Attack

• Research Finds Facebook Tracks In-App Browser Activities On iOS Devices

• How to Create a Secure Folder on Your Phone

• How Technology Continues to Improve Card Games

• Copyright and Cyber Security Rules for SoundCloud Creators: How to Promote Your Account Safely?

• Week in review: Cisco hacked, Kali Linux 2022.3 released, Black Hat USA 2022

• Penetration testing

• Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer

• CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

• Bitter APT and Transparent Tribe Campaigns on Social Media

• Appgate Announces Second Quarter 2022 Financial Results

• Peraton gets second chance at $800M in Social Security IT work

• Playing for All the Jelly Beans at the EFF Benefit Poker Tournament at DEF CON

• A New Tractor Jailbreak Rides the Right-to-Repair Wave

• Killnet Claim They’ve Stolen Employee Data from Lockheed Martin

• ColorTokens partners with Aligned Automation to provide end-to-end solutions for enterprise customers

• Protect & Serve with the Cloud Cybersecurity Requirements in the Aerospace and Defense Industry

• Understanding CVSS: Applications of The Common Vulnerability Scoring System

• Data Matters: The ABCs of a Data Classification Policy to Protect Organizational Data

• IT Security News Daily Summary 2022-08-13

• Flaw in the VA Medical Records Platform May Put Patients at Risk

• The Need for Automated Remediation in Saas Security

• Protect Your Executives’ Personal Digital Lives to Protect Your Company

• Google Fined $60M+ for Misleading Australians About Collecting Location Data

• A practical approach to building resilience with zero trust

• Killnet claims to have breached Lockheed Martin

• Flaws in Policybazaar Insurance Firm

• RackTop Systems Named a Sample Vendor for Cyberstorage in Gartner® Hype Cycle™ for Storage and Data Protection Technologies, 2022

• #ISC2Congress: From National Security to Cartel Infiltration – Ciaran Martin and Robert Mazur to Keynote

• Meta’s Own AI Chatbot Criticizes Facebook, Says That It “Exploits People”

• Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users

• The Feds Gear Up for a Privacy Crackdown

• Who “Owns” Your Infrastructure?

• Conti Ransomware Operators Using ‘BazarCall’ Style Attack as an Initial Vector

• Ukraine’s cyber chief comes to Black Hat in surprise visit

• Three flaws allow attackers to bypass UEFI Secure Boot feature

• Build or Buy your own antivirus product

• Weekly Update 308

• Reddit Enabled Attackers to Perform Mod Actions due to IDOR Flaw

• Top 10 Best Penetration Testing Companies – 2022

• GAO will investigate the troubled TSP recordkeeper transition

• SentinelOne Integrates with Proofpoint for Enhanced Ransomware Protection

• #ISC2CONGRESS – Why you won’t want to miss it!

• State Policymakers Tackling Cyber Issues Including Ransomware

• Twitter – 6,682,453 breached accounts

• The potential consequences of data breach, and romance scams – Week in security with Tony Anscombe

• Mar-a-Lago Search Warrant Unsealed

• What’s in the Unsealed Mar-a-Lago Search Warrant?

• Let there be ambient light sensing, without fear of data theft

• Thousands of Zimbra mail servers backdoored in large scale attack

• Neustar collaborates with Snowflake to improve identity management and data governance

• Palo Alto bug used for DDoS attacks and there’s no fix yet

• A Single Flaw Broke Every Layer of Security in MacOS

• Starlink satellite dish cracked on stage at Black Hat

• States invest in SNAP fraud detection, prevention

• NY State Police to ‘connect the dots’ on social media to track domestic terrorism

• Tech to limit speeds on New York City fleet vehicles

• New research points to hidden vulnerabilities within machine learning systems

• Beijing invests in virtual humans

• 25 emerging tech trends to watch

• IT Security News Daily Summary 2022-08-12

• Researchers Uncover UEFI Secure Boot Bypass in 3 Microsoft Signed Boot Loaders

• The Most Relevant Ransomware Statistics and Facts of 2022

• Intel increases its arsenal against physical hardware attacks

• Patch Madness: Vendor Bug Advisories Are Broken, So Broken

• Zoom’s Auto-Update Feature Came With Hidden Risks on Mac

• Mar-a-Lago Raid Warrant Unsealed

• Software Supply Chain Chalks Up a Security Win With New Crypto Effort

• Where’s Rudy? A Fulton County Court Wants to Know

• A Quick Take on the FTC’s Privacy and Security Rulemaking

• Trump’s Lawyers Say He Will Not Oppose Mar-a-Lago Warrant Unsealing

• The Building Blocks of Zero Trust Security Architectures on AWS

• How cross-operational teams can improve security posture

• US reveals ‘Target’ pic of Conti man with $10m reward offer

• Almost 2,000 data breaches reported for the first half of 2022

• Ways That VoIP Technology Is Impacting Marketplaces and How to Adapt

• Back to School: Tech Savvy vs. Cyber Savvy

• A former watchdog has ideas on dealing with poorly performing inspectors general

• Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics

• Killnet Releases ‘Proof’ of its Attack Against Lockheed Martin

• Microsoft trumps Google for 2021-22 bug bounty payouts

• Here’s What Trump’s ‘Nuclear Documents’ Could Be

• The US offers a $10M rewards for info on the Conti ransomware gang’s members

• The truth about quantum risk cryptography and being ‘quantum safe’

• Domain-based Message Authentication, Reporting and Conformance (DMARC)

• FTC contemplates rules to protect against commercial surveillance and lax data privacy

• Meta Tests Encrypted Backups and End-to-End Encryption in Facebook Messenger

• Latest Cyberthreats and Advisories – August 5, 2022

• The dos and don’ts of startup security: How to develop a security plan

• Researchers Found Series of Vulnerabilities in the Software Underlying Microsoft Teams & Other Apps

• Best penetration testing tools: 2022 buyer’s guide

• Ransomware Gang Hacks Cisco

• Zeppelin Ransomware alert issued by FBI

• CRN Honors Arcserve’s CEO Brannon Lacey as an Innovator on its 2022 Top 100 Executives List

• LATEST CYBERTHREATS AND ADVISORIES – AUGUST 12, 2022

• Crucial Cybersecurity Software Features (2022)

• Senators urge DOJ to flex debarment authority

• Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan

• Sounding the Alarm on Emergency Alert System Flaws

• Intel ups protection against physical chip attacks in Alder Lake

• CISA, FBI Warn Organizations of Zeppelin Ransomware Attacks

• US Government Shares Photo of Alleged Conti Ransomware Associate

• Xiaomi Smartphone Vulnerabilities Could Lead to Forged Payments

• FTC Kicks Off Potentially Massive New Regulation On Commercial Surveillance

• Google Ordered To Pay $43m By Australian Court

• Safety first: how to tweak the settings on your dating apps

• Black Hat 2022‑ Cyberdefense in a global threats era

• SolidBit Ransomware Group Recruiting New Affiliates on Dark Web

• How to Clear Security Obstacles and Achieve Cloud Nirvana

• Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments

• Twitter Exposes Personal Information for 5.4 Million Accounts

• Hacker Uses New RAT Malware in Cuba Ransomware Attacks

• Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’

• Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

• Microsoft Paid $13.7 Million via Bug Bounty Programs Over Past Year

• Schedule F: An Unwelcome Resurgence

• A Road Map for Tech Policy Experimentation

• Emergency services call-handling provider: Ransomware forced it to pull servers offline

• Hacker Touts Data Sale Of 48.5m Users Of Covid App – Report

• LATEST CYBERTHREATS AND ADVISORIES – AUGUST 12, 2022

• Facebook Tests Default End-to-End Encryption For Messenger

• FTC Looking at Rules to Corral Tech Firms’ Data Collection

• #BHUSA: Bug Bounty Botox – Why You Need a Security Process First

• #BHUSA: Failure to Challenge is a Social Engineering Risk

• U.S. Government Offers $10 Million Reward for Information on Conti Ransomware Gang

• A Taxonomy of Access Control

• UK NHS Hit with Ransomware Attack

• Avoid the worst of the internet with cyber hygiene

• Intel Introduces Protection Against Physical Fault Injection Attacks

• Black Hat USA 2022 – Announcements Summary

• Zero-Day Vulnerability Exploited to Hack Over 1,000 Zimbra Email Servers

• Security Researchers Dig Deep Into Siemens Software Controllers

• FBI, CISA warn over ransomware gang that can make million dollar demands

• #BHUSA: What has Changed in the Post-Stuxnet Era?

• US Unmasks Suspected Conti Ransomware Actor

• Facebook Testing Default End-to-End Encryption and Encrypted Backup in Messenger

• Recovery From NHS Attack Could Take Weeks

• Vulnerabilities on Xiaomi’s mobile payment mechanism which could allow forged transactions : A Check Point Research analysis

• 2022 Threat Report

• Ransomware Prevention and Remediation

• Ransomware attack blamed for closure of all 7-Eleven stores in Denmark

• Zeppelin Ransomware Victims May Need Multiple Decryption Keys

• Fast and Secure VPN on a Budget? Private Internet Access VPN Has You Covered

• Cisco Patches High-Severity Vulnerability Affecting ASA and Firepower Solutions

• Recovery From NHS Ransomware Attack May Take a Month

• Malicious PyPI packages drop ransomware, fileless malware

• 25% of employees don’t care enough about cybersecurity to report a security incident

• Online Platforms Should Stop Partnering with Government Agencies to Remove Content

• Why Cyber Security Is Essential For Digital Marketers & PR Specialists?

• Fake Elon Musk TeslaCoin investment scam costs victims at least $250

• Pay with just your palm at Whole Foods

• Industry All-Stars Take Stage at International Cyber Expo’s Global Cyber Summit

• Experts warn of mass exploitation of an RCE flaw in Zimbra Collaboration Suite

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Researchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability

• NHS Ransomware attack to be seriously probed

• Amazon, IBM and Cloudflare joining alliance to thwart Cyber Threats

• Event-Driven Architectures & the Security Implications

• Ex-Twitter Employee Found Guilty of Sharing User’s Private Information to Saudi Arabia

• BazarCall attacks have revolutionized ransomware operations

• How bad actors are utilizing the InterPlanetary File Systems (IPFS)

• New infosec products of the week: August 12, 2022

• The impact of exploitable misconfigurations on network security

• Organizations would like the government to help with ransomware demand costs

• Ransomware is not going anywhere: Attacks are up 24%

• Credential harvesting: Is it too big of an attack or can you fight back?

• Supply Chain Cybersecurity – the importance of everyone

• MiniTool Power Data Recovery 11.3 helps users with various data loss situations

• Tidal Cyber Community Edition platform enables businesses to optimize their cyber defenses

• Dynatrace platform enhancements detect vulnerabilities in runtime environments

• 1. Cracking the Hackers: How to Build a 100% Engaged Human Firewall

• FAANGs failing on keeping user data safe from bug hunters

• ArmorCode integrates with Traceable AI to improve application security posture for organizations

• Update now! Microsoft fixes two zero-days in August’s Patch Tuesday

• Slack flaw exposed users’ hashed passwords

• Krebs: Taiwan, Geopolitical Headwinds Loom Large

• Microsoft: We Don’t Want to Zero-Day Our Customers

• An eighties classic – Zero Trust

• Ken Naumann joins NetWitness as CEO

• Arkose Labs expands leadership team with new appointments

• Mesh Security raises $4.5 million to help companies drive zero trust in the cloud

• Higher risks and premiums are creating critical gap in cyber insurance

• Supply-Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight

• After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks

• Security needs to learn from the aviation biz to avoid crashing

• cloudIT Partners with Versa to Deliver Industry-Leading SASE to Client Base

• Russian invasion has dangerously destabilized cyber security norms

• IT Security News Daily Summary 2022-08-11

• NSF invests $26M for smart city engineering research

• AI-powered cameras to enforce bus lanes

• The 4 best VPN services for iPhone and iPad in 2022

• How credential phishing attacks threaten a host of industries and organizations

• SentinelOne discusses the rise of data-wiping malware

• Cisco hacked by access broker with Lapsus$ ties

• AWS and Splunk partner for faster cyberattack response

• Why diversity should have a critical impact on data privacy

• Farmers can save water with wireless technologies, but there are challenges – like transmitting data through mud

• Cisco reveals cyberattack on its corporate network

• Three UK-based Nigerian BEC Scammers Used Construction Intelligence Service to Target Victims

• Azure PostgreSQL User Databases Were Exposed Due to Critical Vulnerabilities

• NFTS Are Cool but Dangerous

• 4 Reasons MSPs Should Monitor Their GitHub Footprint

• Ex-CIA security boss predicts coming crackdown on spyware

• How to Choose the Right Digital Experience Monitoring Solution

• Twilio and Cisco breaches highlight the dangers of social engineering attacks

• Cyber Safety Review Board staffs up

• Senate chairman presses for details on deleted Jan. 6 texts

• How CI/CD pipelines are putting enterprise networks at risk

• Zero Day Initiative launches new bug disclosure timelines

• Sonatype spots another PyPI package behaving badly

• Defend your network with Microsoft outside-in security services

• 85% of Android users are concerned about privacy

• The US Offers a $10M Bounty for Intel on Conti Ransomware Gang

• CISA Adds Two Known Exploited Vulnerabilities to Catalog 

• Conti Cybercrime Cartel Using ‘BazarCall’ Phishing Attacks as Initial Attack Vector

• Agencies are still wrangling over death data

• OT Security Firm Warns of Safety Risks Posed by Alerton Building System Vulnerabilities

• Cisco Patches High-Severity Vulnerability in Security Solutions

• It Might Be Our Data, But It’s Not Our Breach

• Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage

• CISA Adds Two Known Exploited Vulnerabilities to Catalog 

• Palo Alto Networks warns of Reflected Amplification DoS issue in PAN-OS

• Photos: Black Hat USA 2022, part 2

• CISA Unveils Cybersecurity Toolkit to Shield US Elections From Hackers

• 4 Flaws, Other Weaknesses Undermine Cisco ASA Firewalls

• Sloppy Software Patches Are a ‘Disturbing Trend’

• Cisco Releases Security Update for Multiple Products

• Keeping the enemy at the gate

• UK’s CMA Begins Probe Of Viasat Acquisition Of Inmarsat

• New Cross-Industry Group Launches Open Cybersecurity Framework

• BrightCloud® Threat Report Mid-Year Update: Reinvention is the Name of the Game

• Cisco Releases Security Update for Multiple Products

• Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

• New York City’s IT czar answers to monkeypox website failures

• Google wants to make Linux kernel flaws harder to exploit

• Google researchers dissect Android spyware, zero days

• Zimbra RCE Vulnerability Exploited Without Admin Privileges

• Cisco Confirms It’s Been Hacked by Yanluowang Ransomware Gang

• Photos: Black Hat USA 2022

• Cisco Confirms Cyberattack

• Detecting DNS implants: Old kitten, new tricks – A Saitama Case Study

• Don’t be surprised if your organization suffers multiple cyberattacks

• #ISC2Congress Theme: EMPOWER

• How to reduce your exposure & secure your data in the cloud in 5 quick ways

• AT&T Cybersecurity Insights Report: A Focus on Manufacturing

• Starlink Successfully Hacked Using $25 Modchip

• Android Banking Trojan SOVA Comes Back With New Features Including Ransomware

• #StopRansomware: Zeppelin Ransomware

• #StopRansomware: Zeppelin Ransomware

• Sneak Peek: Hive’s RaaS Techniques

• Cisco Admits ‘Security Incident’ After Breach Of Corporate Network

• New Hacker Forum Takes Pro-Ukraine Stance

• Researchers Find Stolen Algorithms in Commercial Cybersecurity Products

• #StopRansomware: Zeppelin Ransomware

• #StopRansomware: Zeppelin Ransomware

• Researchers Use Invisible Finger To Remotely Control Touchscreens

• Meta’s Chatbot Says The Company Exploits People

• NHS IT Supplier Held To Ransom By Hackers

• The Chatter Podcast: Journalism as Fodder for Fiction with Mary Louise Kelly

• From Defending the Open Internet to Confronting the Reality of a Fragmented Cyberspace: Reflecting Upon Two CFR Reports on U.S. Goals in Cyberspace

• Photos: Black Hat USA 2022 Arsenal

• Cisco has been hacked by a ransomware gang

• S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]

• Google Seeks To Shame Apple Over RCS Refusal

• Security Considerations for Data Lakes

• Cybersecurity and PR: Making Data Protection Public

• 7 New Technologies That Made Riding Motorcycles Safer

• Facebook testing encrypted chat backups

• Incident Response for Health Care IT: Differences and Drivers

• Facebook Turns Over Private User Data To Police In Abortion Case

• The Time Is Now for IoT Security Standards

• Facebook testing new encrypted backups for Messenger chat app

• Cisco Was Hacked by Yanluowang Ransomware Operators to Stole Internal Data

• #BHUSA: The Cyber Safety Review Board Outlines Log4j Lessons

• Meta Just Happens to Expand Messenger’s End-to-End Encryption

• Hacking Starlink

• Elon Musk Wants Staff Names Of Twitter’s Bot Counters

• Cisco Confirms Network Breach Via Hacked Employee Google Account

• Palo Alto Networks Firewalls Targeted for Reflected, Amplified DDoS Attacks

• Critical Vulnerabilities Found in Device42 Asset Management Platform

• New Open Source Tools Launched for Adversary Simulation

• CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

• New HTTP Request Smuggling Attacks Target Web Browsers

• How Cisco Get Hacked With 2.8GB From Corporate Network, Experts Weigh In

• “Hi Mum” Phishing Scam Swindles Unsuspecting Parents

• Establishing Trust In An Online World With Digital Identity

• NetWitness Platform XDR 12 offers visibility into all key data planes across an organization

• Checkmarx API Security identifies shadow and zombie APIs during software development

• #ISC2Congress: Empower Your Weekend with Training

• Cybercriminals Breached Cisco Systems and Stole Data

• Palo Alto Networks Firewalls Targeted for Reflected, Amplified DDoS Attack

• #BHUSA: Russia’s Wiper Attacks Against Ukraine Detailed

• 120K Priority Health Members Impacted By Third-Party Data Breach

• 6 Tech Tips: How To Use Instagram To Promote Your Brand

• Making the cloud a safer place with SANS

• #BHUSA: Chris Krebs Explains How Cybersecurity Can Improve

• #BHUSA: New Open Source Group Set to Streamline Threat Detection

• This Anti-Tracking Tool Checks If You’re Being Followed

• Meta Just Happens to Expand Messenger’s End-to-End Encryption

• What the Zola Hack Can Teach Us About Password Security

• Hackers Behind Cuba Ransomware Attacks Using New RAT Malware

• Hackers are still using these old security flaws in Microsoft Office. Make sure you’ve patched them

• New Identity Verification Feature Boosts Google Workspace Protections

• Ransomware Data Theft Epidemic Fuelling BEC Attacks

• Critical Flaws Disclosed in Device42 IT Asset Management Software

• Campaign Launched to Stop People From Becoming Money Mules

• Concentric releases AI-based solution to protect data shared across business messaging platforms

• Syxsense Zero Trust enables security teams to build access policies and remediation workflows

• Code42 collaborates with Nullafi to prevent data exfiltration by high-risk and departing employees

• NIST’s Post-Quantum Cryptography Standards

• Former Twitter Executive Convicted Of Spying For Saudi Arabia

• Suspected $3m Romance Scammer Extradited to Japan

• Which malware delivery techniques are currently favored by attackers?

• Google Begs Apple to Replace iMessage with RCS – Intego Mac Podcast Episode 252

• OpenTIP, command line edition

• Meta Raises $10 Billion In Bond Offering

• Stolen credentials are the most common attack vector companies face

• Do you know what your supply chain is and if it is secure?

• GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions

• Sophos warns about simultaneous Cyber Attacks

• Yanluowang Ransomware Attack on Cisco confirmed

• Digital milestones for elementary schoolers

• Cisco admits corporate network compromised by gang with links to Lapsus$

• Cisco fixed a flaw in ASA, FTD devices that can give access to RSA private key

• Ex Twitter employee found guilty of spying for Saudi Arabian government

• SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow

• Implementing zero trust for a secure hybrid working enterprise

• Forescout Announces the Appointment of Rik Ferguson to VP of Security Intelligence

• SentinelOne Unveils XDR Ingest to Transform Data-Defined Cybersecurity

• MetLife Doubles Down on Technology Hiring in North Carolina

• SSCP Exam – Changes on the Way!

• The lifecycle of a software vulnerability

• Convergence and adoption of AI and ML countering the cyber threat

• Podcast: Inside the Hackers’ Toolkit

• Pentera Credential Exposure reveals compromised identity threats to internal and external attack surface

• As the cost of cyber insurance rises, the number of organizations who can’t afford it is set to double

• Why SAP systems need to be brought into the cybersecurity fold

• Cloudflare Users Targeted by Hackers that Breached into Twilio

• Cracking the Hackers: How to Build a 100% Engaged Human Firewall

• Top 7 Best Endpoint Detection & Response Products With Sandboxing Solutions – 2022

• 5 Steps to Rethink High Severity to Save Developer Productivity

• Key Highlights from the New NIST SSDF

• How to Compromise a Modern-Day Network

• IRONSCALES Security Awareness Training educates users about phishing attacks

• ActZero Ransomware Readiness Assessment strenghtens ransomware defense for SMEs

• Meta privacy red team lead: Does your business know its privacy adversaries?

• Researching the Windows Registry

• Kajeet and Samsung join forces to deliver 5G private network solutions

• Mirantis collaborates with Nuaware to eliminate Kubernetes complexity for developers

• Department of Defense selects Torch.AI for new cyber and insider threat system

• Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks

• Spirent “Send Us Your Device” service opens new routes for Wi-Fi equipment testing

• ‘Boring is best’: Citi says it’s a bear market rally and shares how to beat the volatility

• Boffins rate npm and PyPI package security and it’s not good

• Ex-CISA chief Krebs calls for US to get serious on security

• Ermetic addresses IAM weaknesses in multi-cloud environments

• Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

• SimSpace Partner Network enables organizations to boost their cyber readiness

• Industroyer2: How Ukraine avoided another blackout attack

• Understanding 3 key automated DevSecOps tools

• Google’s Android Red Team Had a Full Pixel 6 Pwn Before Launch

• Observations on Iran’s Plot to Kill John Bolton

• IT Security News Daily Summary 2022-08-10

• Why managed detection and response (MDR) adoption is growing among small businesses

• Carbon footprint data helps local authorities lower emissions

• Zero Trust Speeds Ransomware Response, Illumio-Bishop Fox Test Finds

• Cisco was hacked by the Yanluowang ransomware gang

• CISA issues cybersecurity toolkit for election officials

• Get Dashlane Premium password manager for 3 mo for $1

• As Black Hat kicks off, the US government is getting the message on hiring security talent

• Hackers have stolen $1.4 billion this year using crypto bridges. Here’s why it’s happening

• Top 5 best backup practices

• Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks

• Former CISA chief wants a new, cross-cutting new agency to lead federal cyber

• Semiconductor bill to fund 20 regional technology hubs

• Ethical hacking: How to conduct a Sticky Keys hack

• Is ethical hacking legal? And more ethical hacking advice

• Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security

• Rethinking Software in the Organizational Hierarchy

• 2022-08-08 – IcedID (Bokbot) with Cobalt Strike

• Organizations Warned of Critical Vulnerabilities in NetModule Routers

• Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security

• Palo Alto Networks Releases Security Update for PAN-OS

• How California Reproductive Health Workers Can Protect Information They Submit to the Government

• The Army is hunting for more soldier-connected tech

• Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security

• A Long-Awaited IoT Reverse Engineering Tool Is Finally Here

• Palo Alto Networks Releases Security Update for PAN-OS

• Intern with Lawfare!

• Maui ransomware linked to North Korean group Andariel

• Improve Threat Detection & Response with OCSF

• More Dangers of Cyberbullying Emerge—Our Latest Connected Family Report

• Beeck Center’s Cori Zarek tapped for deputy post at USDS

• APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see…

• DeathStalker’s VileRAT Continues to Target Foreign and Crypto Exchanges

• Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security

• Risky Business: Enterprises Can’t Shake Log4j flaw

• What we know about VMWare CVE-2022–31656 and CVE-2022–31659

• Security vulnerabilities found in Intel and AMD processors

• Download New Kali Linux 2022.3

• Global Scam-as-a-service Operation “Classiscam” Target Users to Steal Payment Data

• Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security

• CISA Releases Cybersecurity Toolkit to Protect U.S. Elections

• Former Twitter Employee Found Guilty of Spying for Saudi Arabia

• Making Linux Kernel Exploit Cooking Harder

• Are cloud containers a sugar-coated threat?

• Is banning Chinese products in the name of National Security working for countries

• Google Fiber Plans US Network Expansion – Report

• Republicans are pushing back on the Biden administration’s infrastructure-fueled hiring spree

• Top malware of 2021 has been in use for years, CISA warns

• Google’s bug bounty boss: Finding and patching vulns? ‘Totally useless’

• NIST Post-Quantum Algorithm Finalist Cracked Using a Classical PC

• Cloudflare Also Targeted by Hackers Who Breached Twilio

• Cyber-criminals Shift From Macros to Shortcut Files to Hack Business PCs, HP Report

• Bugcrowd Taps Top Hackers for Live Hacking Event with Indeed at 2022 Black Hat Conference

• OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022

• CISA Releases Cybersecurity Toolkit to Protect U.S. Elections

• Microsoft Patches Dogwalk Zero Day And 17 Critical Flaws

• Cloudflare: Someone Tried To Pull The Twilio Phishing Tactic On Us

• APIC Fail: Intel Sunny Cove Chips With SGX Spill Secrets

• Former Twitter Employee Convicted As Saudi Spy

• Ukrainian Website Threat Landscape Throughout 2022

• In U.S. v. Al-Nashiri the Government Is Rewarding Torture and Incentivizing Torturers

• We’re shifting investment focus towards security, says Akamai co-founder and CEO

• Hackers Breached Accounts of Twilio Users

• Samsung Unveils Two New Folding Smartphones

• Dave Piscitello in the Fight Against Phishing | Avast

• Biden signs semiconductor Bill, spurring hopes for new jobs and manufacturing around the U.S.

• HHS dedicates $90M to community health data modernization

• Cloudflare was the target of a sophisticated phishing attack. Here’s why it didn’t work

• The Security Pros and Cons of Using Email Aliases

• Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape

• Experts found 10 malicious packages on PyPI used to steal developers’ data

• Is it Illegal to Scrape a Website for Content?

• Dark Utilities C2 as a service tool leverages IPFS, targets several operating systems

• Implementing security benchmarks with Red Hat Ansible Automation Platform

• Former Twitter Worker Convicted Of Spying For Saudi Arabia

• SASE – The Risk Of Over-rationalising

• A New SolidBit Ransomware Variant Hit Famous Games

• Number of Ransomware Attacks on Industrial Orgs Drops Following Conti Shutdown

• Zero Trust Provider Mesh Security Emerges From Stealth Mode

• How Bot and Fraud Mitigation Can Work Together to Reduce Risk

• Security Firm Finds Flaws in Indian Online Insurance Broker

• The Hacking of Starlink Terminals Has Begun

• Experts Uncover Details on Maui Ransomware Attack by North Korean Hackers

• Three Ransomware Gangs Consecutively Attacked The Same Network

• Cycode’s new software supply chain features identify vulnerabilities in all phases of the SDLC

• NetSPI unveils two open-source tools to assist defence teams in uncovering vulnerable network shares

• Veracode platform enhancements improve developers’ ability to secure software supply chains

• Gurucul’s poly-cloud and multi-cloud offering accelerates security teams’ ability to mitigate threats

• Deepfence ThreatMapper 1.4 empowers organizations to visualize cloud native threat landscape

• Cloudflare: Someone tried to pull the Twilio phishing tactic on us too

• Elon Musk Sells Tesla Shares Worth $6.9 Billion

• Emotet Tops List of July’s Most Widely Used Malware

• Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round

• Compliance Certifications: Worth the Effort?

• Hackers behind Twilio data breach also targeted Cloudflare employees

• Python Packages Discovered On The PyPI Repository

• Chinese Hackers Targeted Dozens Of Industrial Enterprises And Public Institution, Exper Weighs In

• Number Of Firms Unable To Access Cyber-Insurance Set To Double

• North Korea Linked APT: US Sanctions Crypto Mixer Tornado Cash

• UntitledFlow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round

• Sysdig incorporates machine learning to detect cryptojacking attempts

• Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws

• Dark Reading News Desk: Live at Black Hat USA 2022

• VirusTotal += Google

• Facebook At Centre Of US Teenager Home Abortion Case

• SAP Patches Information Disclosure Vulnerabilities in BusinessObjects

• UnRAR Vulnerability Exploited in the Wild, Likely Against Zimbra Servers

• Cyberattack Victims Often Attacked by Multiple Adversaries: Research

• Intel Patches Severe Vulnerabilities in Firmware, Management Software

• (ISC)² and F5 Examine OWASP’S “Top 10” Report on New Web Application Security Risks

• Security Automation Can Save You $3.05M in a Data Breach

• China calls out US semiconductor bill as anti-competitive

• MIRACL is One Cybersecurity Company to Watch in 2022

• Hackers Behind Twilio Breach Also Targeted Cloudflare Employees

• The Business of Hackers-for-Hire Threat Actors

• Details about the Twitter’s Insider Threat

• Finland Parliament witnesses Cyber Attack

• President Biden Signs $53 Billion US Chips Act

• July 2022’s Most Wanted Malware: Emotet Takes Summer Vacation but Definitely Not ‘Out-of-Office’

• Microsoft’s big Patch Tuesday fixes exploited zero-day flaw and 120 more bugs

• This company didn’t spot the flaw in their network. But three ransomware gangs did

• Predator Pleads Guilty After Targeting Thousands of Girls Online

• CISA adds UnRAR and Windows flaws to Known Exploited Vulnerabilities Catalog

• Top 7 Best Wholesale Liquidation Companies in the Canada

• Businesses should dump Windows for the Linux desktop

• Ransomware, stolen credentials and human error top Verizon’s 2022 data breach report

• AppOmni receives funding from Cisco Investments to expand SaaS coverage

• OPSWAT’s malware analysis capabilities protect ICS/OT environments against cyber threats

• WhatsApp Update To Allow Users To Leave Groups Silently

• Cybercriminals work 24/7  — so should your cybersecurity

• Network misconfigurations cost organizations 9% of annual revenue

• 3 Types of Network Attacks to Watch Out For

• Exploit Activity Surges 150% in Q2 Thanks to Log4Shell

• VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

• Unitree Robot Gun Carrying Dog Disabled by Remote Hacking Tool

• Hackers Use Open Redirect Vulnerabilities in Online Services to Deliver Phishing Content

• Meta Take Action Against Two Cyber Espionage Operations in South Africa

• SecurityScorecard provides a combination of services and platform to help CISOs manage cybersecurity risks

• Lacework strengthens threat detection capabilities to uncover more threats and speed investigation at scale

• Majority of SMBs lack 24/7 security operations to detect threats

• TrustedSite Halo Security help organizations protect data from external attackers

• Surge in CVEs as Microsoft Fixes Exploited Zero Day Bugs

• Benefits of Security Camera Systems

• From zero to hero in blockchain security – A CP workshop at DEF CON 30

• VMware warns of public PoC code for critical auth bypass bug CVE-2022-31656

• Cyber Security Management System (CSMS) for the Automotive Industry

• Microsoft Issues Patches for 121 Flaws, Including Zero-Day Under Active Attack

• CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

• Keytos EZSmartCard enables organizations to go passwordless

• Back to school: Managing your high schooler’s digital milestones

• The challenges of managing the modern external attack surface

• Identity is the killer context: 4 ways to stay in control

• AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters

• Real-world threat response: What are organizations doing wrong?

• Top malware of 2021 has been in use for years, CISA Warns

• SentinelOne Announces Date of Fiscal Second Quarter 2023 Financial Results Conference Call and Participation in Upcoming Investor Conferences

• University of Phoenix Lead Cybersecurity Faculty Stephanie Benoit-Kurtz to Keynote Women in Technology Event

• Kali Linux 2022.3 Released – What’s New !

• Cyber Threats – The New Norm in Data Security

• Jury Finds Ex-Twitter Worker Spied for Saudi Royals

• Software Development Pipelines Offer Cybercriminals ‘Free-Range’ Access to Cloud, On-Prem

• Cymulate improves risk visibility for businesses with new analytics capabilities

• BigID unveils automated end-to-end remediation capabilities for sensitive file access in the cloud

• NETSCOUT Arbor Insight enhances security and operational awareness for network operators

• Anomali platform updates help security teams profile the adversary

• 36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet

• Kali Linux 2022.3 Released With Real-time Chat, Test Lab, and New Tools

• INVISV PGPP allows consumers to control their personal data

• Traceable AI announces enhanced data security capabilities to address more specific types of API attacks

• One of 5G’s Biggest Features Is a Security Minefield

• VERT Threat Alert: August 2022 Patch Tuesday Analysis

• Balbix integrates with ServiceNow to automate and improve cyber risk quantification

• guardDog.ai partners with VMware to protect users and networks from attempted cyberattacks

• Silobreaker and PolySwarm strengthen partnership to provide users with access to enriched data intelligence

• Darktrace and HackerOne join forces to help organizations close their security gap

• Vicarius vsociety enables peer-to-peer networking and open-source collaboration on vulnerability research

• Twitter data breach affects 5.4M users

• Can your EDR handle a ransomware attack? 6-point checklist for an anti-ransomware EDR

• Twilio breached after social engineering attack on employees

• 5 cybersecurity tips for students going back to school

• Microsoft Releases August 2022 Security Updates

• Microsoft Releases August 2022 Security Updates

• What We Do and Don’t Know about the FBI’s Mar-a-Lago Search

• Internet Society Foundation launches second round of innovation grants to advance internet connectivity

• ComplyAdvantage names Andrew Davies as Head of Regulatory Affairs

• Microsoft Patch Tuesday, August 2022 Edition

• One of 5G’s Biggest Features Is a Security Minefield

• VMware Releases Security Updates

• Adobe Releases Security Updates for Multiple Products

• Ransomware gangs move away from exploiting Microsoft Office macros

• VMware Releases Security Updates

• Adobe Releases Security Updates for Multiple Products

• Many orgs are still failing to address Log4j — here’s why

• How to reset your Windows 10 password when you forget it

• Patch Tuesday: Yet another Microsoft RCE bug under active exploit

• IT Security News Daily Summary 2022-08-09

• The best offense is a strong defense: Improve cloud security with visibility and zero trust segmentation

• How to move a data center

• Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day

• IRS free file figures into Senate Dems’ reconciliation bill

• Exploit Code Published for Critical VMware Security Flaw

• Microsoft Patches Zero-Day Actively Exploited in the Wild

• Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)

• Apache Kafka in Crypto and Finserv for Cybersecurity and Fraud Detection

• Why web apps need to improve secure service access

• VA systems vulnerable to cyber intrusions due to lack of effective oversight, report says

• Blueprint builds a ‘common language’ for ransomware protection

• Halo Security Emerges From Stealth With Full Attack Surface Management Platform

• CISA Adds Two Known Exploited Vulnerabilities to Catalog 

• IT pros weigh COVID-19 risks, safety at tech conferences

• CISA Adds Two Known Exploited Vulnerabilities to Catalog 

• Zero Trust Architecture: Adoption, Benefits, and Best Practices

• The OT Security Conundrum: Vulnerabilities, Skill Gaps, and Operational Silos

• Key parts of US laws are hard for the public to find and read

• Cities can apply for free monitoring of sewage for signs of monkeypox

• Google to add three APAC cloud regions as data demand climbs

• Already Exploited Zero-Day Headlines Microsoft Patch Tuesday

• Security Compliance & Data Privacy Regulations

• Big Takeaways From the FBI’s Mar-a-Lago Raid

• Bipartisan bill aims to use grants to increase drone usage for infrastructure assessment

• Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server

• The Story Behind the Linux Security Quick Reference Guide

• The 2-Minute Test for Kubernetes Pod Security

• VA names functional champion to help streamline embattled EHR rollout

• Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs

• ÆPIC Leak: Architectural Bug in Intel CPUs Exposes Protected Data

• Security Update Guide Notification System News: Create your profile now

• Abusing Kerberos for Local Privilege Escalation

• Researchers Debut Fresh RCE Vector for Common Google API Tool

• Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals

• Nation-State Hackers Targeted Facebook in Cyber Espionage Attacks – Meta

• Amazon iRobot play takes ambient intelligence efforts to next level

• Microsoft Edge adds a new security layer for browsing ‘unfamiliar’ sites

• APIC fail: Intel ‘Sunny Cove’ chips with SGX spill secrets

• Adobe Patch Tuesday: Code Execution Flaws in Acrobat, Reader

• AMD Processors Expose Sensitive Data to New ‘SQUIP’ Attack

• Netscout Arbor Insight Leverages Patented ASI Technology to Enhance Security and Operational Awareness for Network Operators of Any Scale

• US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study

• Russia-Ukraine Conflict Holds Cyberwar Lessons

• Domino’s Takes a Methodical Approach to IoT

• Raspberry Robin: Highly Evasive Worm Spreads over External Disks

• Experts linked Maui ransomware to North Korean Andariel APT

• What Is Encryption and Do You Need It?

• Chinese APT Hackers Target Govt & Defense Orgs Using New Windows Malware

• EaseUS Partition Master: Partition management software review

• New Malicious Python Libraries Found on PyPI Repository

• Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack

• The Aftermath, Episode 4: A Bipartisan Interlude

• Global Scam Operation “Classiscam” Expanded to Singapore

• Hackers Targeted Facebook in Cyber Espionage Campaigns – Meta

• Privya Emerges From Stealth With Data Privacy Code Scanning Platform

• Top 6 e-signature software providers in 2022

• Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale

• North Korean Hackers Target CryptoJob Seekers To Evade Western Countries Against Sections

• Asymmetric vs symmetric encryption: What’s the difference?

• US Treasury Sanctions Virtual Currency Mixer For Connections With Lazarus Group

• Malicious deepfakes used in attacks up 13% from last year, VMware finds

• Hackers Use Malware To Spy on Emails

• Technical support scam still alive and kicking

• Vulnerability scanning vs penetration testing: What’s the difference?

• ICS Patch Tuesday: Siemens, Schneider Electric Fix Only 11 Vulnerabilities

• Microsoft Publishes Office Symbols to Improve Bug Hunting

• Facebook Is Being Sued For $50 Million For Not Taking Down An Imposter Page

• Don’t Take the Cyber Safety Review Board’s Log4j Report at Face Value

• Chinese actors behind attacks on industrial enterprises and public institutions

• China-Linked Spies Used Six Backdoors To Steal Info From Defense, Industrial Enterprise Orgs

• Crypto And The US Government Are Headed For A Decisive Showdown

• Scientists Hid Encryption Key For Wizard Of Oz Text In Plastic Molecules

• Twilio Customer Data Exposed After Its Staffers Got Phished

• Chinese Scams Target Kids With Promise Of Extra Gaming Hours

• Sophos announces eight presentations at Black Hat USA 2022, BSides Las Vegas and DEF CON 30

• Patch Tuesday August 2022 – Microsoft Fixes 21 Vulnerabilities, Including a Zero-Day Bug

• Security for next generation telecommunication networks

• NetSPI rolls out 2 new open-source pen-testing tools at Black Hat

• Report Provides Updates on July’s Maui Ransomware Incident

• Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks

• Will Europe Force a Facebook Blackout?

• The Advantages of Breach and Attack Simulation for Data Security

• The Pentagon’s plan to speed up software buying for weapons systems

• Microsoft’s fix for ‘data damage’ risk hits PC performance

• The Truth About False Positives in Security

• U.S. Sanctions Virtual Currency Mixer Tornado Cash for Alleged Use in Laundering

• Water Wars: Speaker Pelosi’s Taiwan Visit Ignites U.S.-China Tensions

• A Century-and-a-Half Look at the Waves of Global Terrorism

• Email Is The Single Biggest Threat To Businesses, And Here’s What You Can Do About It

• Why Data Security Is No Longer Optional (And How To Start)

• Submit Your Comments to NIST Regarding HIPAA Security

• North Korean Hackers Use Malware To Spy on Emails

• US Blacklists Tornado Cash, GitHub Removes Co-Founder in Response

• Privya develops solution to shift data security left, leaves stealth

• Twilio Suffers Phishing Attack, Compromising Customer Data – Expert Commentary

• Targeted Attacks On Industrial Enterprises And Public Institutions

• LogoKit update: The phishing kit leveraging open redirect vulnerabilities

• Cybersecurity: Why We’re Stronger Together

• Why Physical Security Should Be Part of a Cybersecurity Strategy

• Phishing Scam Exploit’s American Express, Snapchat Open-Redirect Threats

• Forecasting Metaverse Threats: Will it Become Metaworse?

• IBM Patches High-Severity Vulnerabilities in Cloud, Voice, Security Products

• Black Hat 2022: Ten Presentations Worth Your Time and Attention

• Zuckerberg Unveils New WhatsApp Privacy Features, Experts Weigh In

• Why Cybersecurity Needs to be a Part of Your ESG

• Twilio confirms data breach after its employees got phished

• Three ransomware gangs consecutively attacked the same network

• 16-31 July 2022 Cyber Attacks Timeline

• Spin Technology zeros-in on SaaS app security, raises $16M

• 10 Credential Stealing Python Libraries Found on PyPI Repository

• Controlling the Source: Abusing Source Code Management Systems

• 7-Eleven Stores in Denmark Close After Cyberattack

• 7 Different Ways Technology Has Changed the Way We Cook

• 7 Impressive Technological Storage Ideas to Organize Your Room

• US Lawmakers Kick Off Push For Federal Autonomous Vehicle Laws

• Information Commissioner To Investigate Targeted Gambling Ads

• Check Point Research: Education sector experiencing more than double monthly attacks, compared to other industries

• How to check if your PC has been hacked, and what to do next

• Health Adviser Fined After Illegally Accessing Medical Records

• US sanctioned crypto mixer Tornado Cash used by North Korea-linked APT

• Twilio Suffers Phishing Based Data Breach

• Twilio confirmes data breach after its employees got phished

• A Cyberattack Forced the Shutdown of 7-Eleven Stores in Denmark

• Beware of New Malware that Distributed through Compromised YouTube Accounts

• Andariel deploys DTrack and Maui ransomware

• Qualcomm Adds $4.2bn To GlobalFoundries Semiconductor Deal

• Nvidia Warns Of 44 Percent Drop In Gaming Sales

• Malicious file analysis – Example 01

• Why is device protection for kids valuable?

• Smishing Attack Led to Major Twilio Breach

• NHS Works To Restore 111 System After Cyber-Attack Causes Delays

• SoftBank Sells Off Uber Stake, Cuts Vision Fund Staff

• Number of Firms Unable to Access Cyber-Insurance Set to Double

• Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions

• Enterprises are actively consolidating security vendors and integrating technologies

• Cyber syndicates are working with amateur attackers to target businesses

• Looking for adding new detection technologies in your security products?

• BT Completes Carrier Aggregation Trial In Europe 5G First

• Phishing attack adds pressure with countdown clock

• Critical Vulnerability in Emergency Alert Systems of United States

• deBridge Finance confirms Lazarus hacking group behind Cyber Attack

• Understanding your attack surface is key to recognizing what you are defending

• Masscan – World’s Fastest Scanner – Scan the Entire Internet in Under 6 Minutes

• Introducing the book: If It’s Smart, It’s Vulnerable

• Dissecting Google’s Titan M chip: Vulnerability research challenges

• NetRise Platform provides continuous monitoring of XIoT firmware vulnerabilities

• HYAS Confront gives DevSecOps teams complete visibility into their production environment

• 5 key things we learned from CISOs of smaller enterprises survey

• Application Security Report 2022: Key Trends and Challenges

• US Sanctions Crypto ‘Laundering’ Service Tornado

• Chinese scammers target kids with promise of extra gaming hours

• Tata Communications enhances InstaCC platform to help users connect across varied channels

• 10 Malicious Code Packages Slither into PyPI Registry

• China-linked spies used six backdoors to steal info from defense, industrial enterprise orgs

• Hackers Compromise Employee Accounts to Access Twilio Internal Systems

• Auth0 (Okta) vs. Cognito

• A week in security (August 1 – August 7)

• KMSpico explained: No, KMS is not “kill Microsoft”

• How to find out if you are involved in a data breach — and what to do next

• An Attacker’s Perspective

• Github Moves to Guard Open Source Against Supply Chain Attacks

• Cymulate names Maria Mastakas as COO and Carolyn Crandall as CMO and Chief Security Advocate

• US treasury whips up sanctions for crypto mixer Tornado Cash

• Orchard botnet uses Bitcoin Transaction info to generate DGA domains

• Vertiv appoints Jakki Haussler to its Board of Directors

• How digital twins are transforming network infrastructure: Future state (part 2)

• High School Teacher Gets 30 Yrs for Sextortion Crimes Against Children

• IT Security News Daily Summary 2022-08-08

• Senate Dems have joined the push to block a Schedule F revival

• Lawyers may be limiting threat info sharing

• Mobile threats prompt operational changes for government staff

• Top 8 in-demand cybersecurity jobs for 2022 and beyond

• Rise of precision agriculture exposes food system to new threats

• Emergency alert system vulnerable, FEMA warns

• Stegomalware Surge – Attackers Using File, Video, Image & Others To Hide Malware

• Finance sector looks to block cyber reporting rules for critical industry in House defense bill

• Oil and Gas Cybersecurity: Industry Overview Part 1

• Facebook’s Metaverse is Expanding the Attack Surface

• Benefits & Drawbacks of Using a VPN on Linux

• BruteDum- A network attack bruteforce tool

• BrightCloud® Threat Report Mid-Year Update: Reinvention is the Name of the Game

• USDA to test mobile SNAP payments with state partners

• Most Organizations Do DMARC Wrong. Here’s How to Do It Right.

• Twilio discloses data breach that impacted customers and employees

• Five Data Security Controls and Processes you Must Bring to Cloud-native Infrastructures

• Senate appropriators seek alternatives to TMF

• A Phone Carrier That Doesn’t Track Your Browsing or Location

• Congratulations to the MSRC 2022 Most Valuable Researchers!

• Twilio customer data exposed after its staffers got phished

• Slack admits to leaking hashed passwords for five years

• A Phone Carrier That Doesn’t Track Your Browsing or Location

• Microsoft tightens Edge security for less visited websites

• Coding it Forward fellows share their stories

• How older security vulnerabilities continue to pose a threat

• Open Redirect Flaws in American Express and Snapchat Exploited in Phishing Attacks

• Hacking the Future at DEF CON 30

• IT security: An opportunity to raise corporate governance scores

• Hackers Exploiting High-Severity Zimbra Flaw to Steal Email Account Credentials

• How to protect your organization from the top malware strains

• Phishers Swim Around 2FA In Coinbase Account Heists

• U.S. Imposes Sanctions On Virtual Currency Mixer Tornado Cash

• Dark Utilities C2 Service Draws Thousands Of Cyber Criminals

• Slack Leaked Hashed Passwords From Its Servers For Years

• San Diego Citizens Wrest Control Of Surveillance Tech Away From Police

• How Hash-Based Safe Browsing Works in Google Chrome

• IT security: an opportunity to raise corporate governance scores

• Stories from the SOC – Credential compromise and the importance of MFA

• 9 Factors to Consider Before Choosing a UEM Solution

• How crypto scams work – and why enterprises need to take note

• Meta Takes Action Against Cyber Espionage Operations Targeting Facebook in South Asia

• Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

• The Wrong Way to Compete With China

• Attack on Supplier Leaves NHS Recovering Services

• FortiGuard Labs: Evolving RapperBot IoT Malware Detected

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Do You Know If Your Web Forms Are Secure?

• Phishers Swim Around 2FA in Coinbase Account Heists

• HYAS Unveils New Tool for Continuous DNS Monitoring

• Meta Disrupted Two Cyberespionage Operations in South Asia

• 7-Eleven Closes Stores in Denmark After Hacker Attack

• Twilio Hacked After Employees Tricked Into Giving Up Login Credentials

• 10 top open source security testing tools

• LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities

• Private Information of Almost 100k Healthcare Providers Exposed by PlatformQ

• Twitter 5.4 Million Users Data is Up For Sale For $30,000

• Live Public Preview: Check Point supports Eventarc for Google Cloud

• Your cybersecurity staff are burned out – and many have thought about quitting

• Chinese Hackers May Be Behind Attacks Targeting Eastern Europe and Afghanistan

• Cybersecurity Training and Tech Aren’t Enough; ‘Culture Change’ Needed

• What Adjustable Dumbbells Can Teach Us About Risk Management

• HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

• Researchers Uncover Classiscam Scam-as-a-Service Operations in Singapore

• The Benefits of Building a Mature and Diverse Blue Team

• New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

• Greek Intelligence Service Accepts Keeping Surveillance on Journalist

• Accurate U.S. crime data demands more state participation

• Hackers Exploit Open Redirect Vulnerabilities to Conduct LogoKit Phishing Campaigns

• Pipeline Operators Are Headed in the Right Direction, With or Without TSA’s Updated Security Directives

• How You Can Hack Your Senses to Work Better

• North Korean hackers target crypto experts with fake Coinbase job offers

• US, Australian Cybersecurity Agencies Publish List of 2021’s Top Malware

• Cyberspying Aimed at Industrial Enterprises in Russia and Ukraine Linked to China

• What Is Vishing?

• Everything CISOs Need to Know About NIST

• Electronic Signatures for the Healthcare Sector: 5 Things You Need to Know

• A New Remote Access Trojan Dubbed Woody Rat Delivered as Office Documents

• Most Reliable Hosting Company Sites in July 2022

• The metaverse faces more than 8 potential cyberthreats

• #ISC2Congress Theme: EMPOWER

• Hackers Using SHARPEXT Browser Malware to Spy on Gmail and Aol Users

• Is Your SME At Risk Of A Supply Chain Attack? Ask Yourself These Questions…

• A week in security (August 1 – 7)

• Slack leaked hashed passwords from its servers for years

• Greece Flies Russian Money Launderer to US: Lawyer

• NIST’s Post-Quantum Cryptography Standards

• UN Warns Of North Korea Cybercrime Escalation

• UK Parliament Closes TikTok Account After China Data Warning, Experts Weigh In

• What Is DNS? An Introduction to the Internet’s Phonebook and How It Works

• Apple Tells Taiwanese Suppliers To Avoid Disruption

• China’s Didi Chuxing ‘Fears More Sanctions’

• Report URI: Major new features, Threat Intelligence and more!

• Deepfake attacks and cyber extortion are creating mounting risks

• NHS 111 Cyberattack And Experts Reactions

• North Korean Hackers Target Crypto Job Seekers

• Multiple Health and Care Systems Provided by Advanced Hit by Outages

• Microsoft Office to publish symbols starting August 2022

• Deezer ‘Set For German Expansion’ After IPO Slump

• Vietnam’s VinFast Ramps Staff Ahead Of US Electric Vehicle Launch

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022

• Zero-Day Bug Responsible for Massive Twitter Breach

• Slack Resets Passwords After Hashes Exposed When Invitations Shared

• Businesses are struggling to balance security and end-user experience

• VMware: The threat of lateral movement is growing

• NHS Cyber-Attack Delays Ambulances

• North Korea Allegedly Stole Millions of Dollars Worth of Crypto Assets

• How Data Collection Can Improve Cyber Security

• Tinder Ditches Metaverse, Digital Coin Plans As Investors Swipe Left

• Amazon To Buy Roomba Maker iRobot For $1.7bn

• Dorsey’s Block To Cut Expenditures After Crypto Loss

• Are you overheating? Your phone might be too…

• Targeted attack on industrial enterprises and public institutions

• Software developers, how secure is your software ?

• Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook

• FIRST launches Traffic Light Protocol 2.0 with important updates

• Dark Utilities C2 service draws thousands of cyber criminals

• New ransomware targeting critical Linux Servers in South Korea

• UK NHS 111 Telephone number meant for medical help down because of Cyber Attack

• Microsoft is blocking Tutanota email addresses from registering a MS Teams account

• Attackers abuse open redirects in Snapchat and Amex in phishing attacks

• Stratus Red Team: Open-source tool for adversary emulation in the cloud

• Could criminalizing ransomware payments put a stop to the current crime wave?

• Your next Phishing email may come straight from PayPal

• What Black Hat USA 2022 attendees are concerned about

• Data privacy regulation a top three challenge for IoT adopters

• Cyberattacks on healthcare organizations negatively impact patient care

• Singapore Increases its Investment in Quantum Computing, to Keep Ahead of Security Risks

• Ivanti Named Leader in 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

• Weak Cybersecurity is taking a toll on Small Businesses

• IT Security News Weekly Summary – Week 31

• IT Security News Daily Summary 2022-08-07

• Darktrace Nominated to Compete for Double ‘ASTORS’ Awards in 2022

• Twitter Confirms Data Breach as 5.4M Accounts Sold on Hacker Forum

• Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)

• Neuro Practice Says 363,000 Users’ Personal Info Leaked

• The dos and don’ts of startup security: How to develop a security plan

• Were Facebook and Twitter Consistent in Labeling Misleading Posts During the 2020 Election?

• Security Affairs newsletter Round 377

• To Secure Saas, Combine Top Compliance Frameworks with An SSPM

• Great Power Brings Great Responsibility: How to Keep Cloud Databases Secure in an Uncertain World

• GwisinLocker ransomware exclusively targets South Korea

• Slack Fixed Security Flaw for Passwords

• Patch now! Cisco VPN routers are vulnerable to remote control

• Hackers Exploited Twitter Zero-day Bug to Expose 5.4 Million Accounts

• How to Use Lockdown Mode in iOS 16 to Make Your Phone More Secure

• Week in review: Spot deep-faked job candidates, data exfiltration via bookmarks, Patch Tuesday forecast

• Phishy calls and emails play on energy cost increase fears

• Penetration testing

• New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

• SSCP Exam – Changes on the Way!

• Credential harvesting: Is it too big of an attack or can you fight back?

• TechRepublic Premium editorial calendar: IT policies, checklists, toolkits, and research for download

Generated on 2022-08-14 23:59:21.757842