IT Security News Weekly Summary – Week 37

• IT Security News Daily Summary 2022-09-18

• Information Warfare and What Infosec Needs to Know

• Poor Identity Management Amplifies Ransomware

• Akeyless Empowers Enterprise Code Security with Comprehensive Secrets Management

• The Importance of Terrorist Founders and the Role of Safe Havens

• LastPass Hacked, Customer Data and Vaults Secure

• Hackers Had Internal Access for 4 Days

• Fintechs weather the storm: How disruptive technology is driving change

• How to Prepare for the Future of Vulnerability Management

• Akamai Sighted an Evolving DDoS attack in EU

• Critical Bug Identified in Kingspan TMS300 CS Water Tank Management System

• LastPass Says Hackers Accessed Its Systems for Just 4 Days

• Netgear Routers impacted by FunJSQ Game Acceleration Module flaw

• CISA Expands Flaws Catalog With Old, Exploited Vulnerabilities

• How to Use DuckDuckGo’s Privacy-First Email Service

• The Queen’s Funeral Sets Off the Biggest UK Police Operation Ever

• Uber says there is no evidence that users’ private information was compromised

• Week in review: Uber hacked, QNAP NAS devices under attack, 5 Kali Linux books to read this year

• Penetration testing

• When to Perform IoT Testing: 4 Tips for Beginners

• LastPass provides details on August 2022 hack

• How does robust cybersecurity add value to a business?

• Hexnode Announces Speaker Line-up for Global User Conference, HexCon22

• Keysight Technologies PathWave ADS 2023 automates design-to-test workflows

• Cofense advances its team members, Tonia Dudley and Josh Bartolomie

• Poly announces external API Marketplace utilizing RapidAPI

• 3 ways MDR can drive business growth for MSPs

• S3 Ep100.5: Uber breach – an expert speaks [Audio + Text]

• Security Affairs newsletter Round 384

• Uber Downplays Data Breach Impact, Claims No Sensitive Data Stolen

• IT Security News Daily Summary 2022-09-17

• LastPass revealed that intruders had internal access for four days during the August hack

• Latest Cyberthreats and Advisories – September 9, 2022

• Credential theft food chain—What is Ransomware-as-a-Service

• Serious Breach at Uber Spotlights Hacker Social Deception

• Hacker Couple Deleted Hotel Chain Data For Fun

• Uber Breach Looks Like It Compromised All Systems

• Major Vulnerabilities Found in Wireless LAN Devices in Airlines

• Bell Canada Hit by Hive ransomware

• Malware Targets Weblog Servers And Dockers APIs For Cryptomining

• CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

• Multiple Security Bugs Identified in EZVIZ Smart Cams

• New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems

• Facebook Reverses Ban On Holocaust-Themed Movie

• US Border Agents May Have a Copy of Your Text Messages

• CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

• Uber Investigates Potential Breach Of its Computer System

• Uber Claims No Sensitive Data Exposed in Latest Breach… But There’s More to This

• Become an ethical hacker online

• Can reflections in eyeglasses actually leak info from Zoom calls? Here’s a study into it

• Build or Buy your own antivirus product

• Uber Hacked – Attackers Breached Critical IT Systems & Windows Domain

• Rising to the challenges of secure coding – Week in security with Tony Anscombe

• So You’re Certified in Cybersecurity – Now what?

• Guide to the best data privacy certifications for 2022

• Hackers Had Access to LastPass’s Development Systems for Four Days

• Postman 10 improves API governance and security

• Code42 Incydr enhancements support DaaS and VDI environments

• Tanium XEM platform integration with Microsoft Sentinel enables active threat hunting

• Uber hacked

• What Uber’s data breach reveals about social engineering

• Uber investigates cybersecurity incident

• Report: 54% of organizations breached through third parties in the last 12 months

• How to manage SSH connections on MacOS with Termius

• The Uber Hack’s Devastation Is Just Starting to Reveal Itself

• Giving Big Corporations “Closed Generic” Top-Level Domain Names to Run as Private Kingdoms Is Still a Bad Idea

• School chat app Seesaw abused to send ‘inappropriate image’ to parents, teachers

• IT Security News Daily Summary 2022-09-16

• Local gov keeps project knowledge from walking out the door

• Discover the benefits and challenges of bug bounty programs

• Friday Squid Blogging: Mayfly Squid

• New Research Reveals Network Attacks at Highest Point Over the Last Three Years

• Omnibus Spending Bill Highlights Need for Protecting Critical Infrastructure

• DHS unwraps $1B state and local cybersecurity grant program

• Attacker Apparently Didn’t Have to Breach a Single System to Pwn Uber

• DOJ drops report on cryptocurrency crime efforts

• Tackling Financial Fraud With Machine Learning

• Compliance Automated Standard Solution (COMPASS), Part 2: Trestle SDK

• NJ Courts’ IT modernization streamlines processes for staff, litigants

• Companies need data privacy plan before joining metaverse

• Risk & Repeat: The White House wants secure software

• Bitdefender releases Universal LockerGoga ransomware decryptor

• Once again, lawmakers ask if it’s time to codify the federal CIO role

• Uber investigating security breach of several internal systems

• Keep Today’s Encrypted Data From Becoming Tomorrow’s Treasure

• Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials

• Feds prepare to open new $500M program for transportation tech

• White House looks to government and community data collaboration to promote equity

• Seesaw: Popular elementary school app used to distribute obscene image

• Botched Crypto Mugging Lands Three U.K. Men in Jail

• git-secret: Encrypt and Store Secrets in a Git Repository

• DDoS Attack Against Eastern Europe Target Sets New Record

• Hackers Launching Self-Spreading Malware To Attacks Gamers via YouTube

• Autonomous stores could change the retail game

• Ransomware: 3 ways to protect your business

• Water Tank Management System Used Worldwide Has Unpatched Security Hole

• SOC Infrastructure Firm Cyrebro Raises $40 Million

• North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp

• International ID Day: Shining a spotlight on legal identity

• How to unite security and compliance in 5 simple ways

• Cloud Data Security

• Deliver Secure Digital Workspaces with Citrix Virtual Apps and Desktops on Microsoft Azure

• UBER HAS BEEN HACKED, boasts hacker – how to stop it happening to you

• Zoom Outage Rendered Services Unavailable

• High demand for breached cloud account credentials

• What Are the Effects of a Cyberattack in a Recession?

• Phosphorus and EverSec Group Announce New Partnership to Further Expand xIoT Attack Surface Management and Remediation in the US Market

• Latest Cyberthreats and Advisories – September 16, 2022

• The Importance of Monitoring in Your SecOps Process

• Akamai Mitigated Record-Breaking DDoS Attack Against European Customer

• No browser is perfect. What’s a user to do?

• Uber responds to possible breach following hacker taunts

• Uber hacked, attacker tears through the company’s systems

• Japanese Payment System Attacked By Fake Security App

• Microsoft Teams is storing authentication tokens in cleartext

• Researchers Find Link b/w PrivateLoader and Ruzki Pay-Per-Install Services

• Webworm Hackers Deploy Modified RATs in Espionage Assaults to Target Government Entities

• Notepad++ Plugin Cyberattack Analysis

• Starbucks Singapore Says Customer Database Breached

• Industry Reactions to Govt Requiring Security Guarantees From Software Vendors

• US Agencies Publish Security Guidance on Implementing Open RAN Architecture

• Game Acceleration Module Vulnerability Exposes Netgear Routers to Attacks

• Hacker Pwns Uber Via Compromised Slack Account

• Starbucks Singapore Customer Data Accessed Illegally in Data Leak

• Latest Cyberthreats and Advisories – September 16, 2022

• What is proof-of-stake? A computer scientist explains a new way to make cryptocurrencies, NFTs and metaverse transactions

• Highlights of the 2022 Pwnie Awards

• How to Use a UTM Solution & Win Time, Money and Resources

• North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application

• Massive Data Breach at Uber

• Enhancing application container security and compliance with Podman

• Aggressive DDoS Attack – Over 700 Mpps Attack Traffic to Cripple Target Organization

• The Air Force has a plan to #fixourcomputers and more

• Business Application Compromise & the Evolving Art of Social Engineering

• Uber Investigating Massive Security Breach By Alleged Teen Hacker

• Vulnerability Allows Access To Credentials In Microsoft Teams

• Trojanized Versions Of PuTTY Being Used To Spread Backdoor

• Eastern European Org Hit By Second Record DDoS Attack

• What It Really Means to “Hold Big Tech Accountable”

• What is Managed Detection and Response (MDR)?

• What Is Privileged Identity Management (PIM)?

• Celsius Seeks Permission To Sell Stablecoin Assets

• Uber Hack – Ride-hailing Giant Investigating Large-Scale Data Breach

• What Is Encryption? — 6 Top Types of Encryption Methods + Examples

• Report: Cloud hackers are only 3 steps away from ‘crown jewel’ data

• Uber Investigating Data Breach After Hacker Claims Extensive Compromise

• Akamai Sees Europe’s Biggest DDoS Attack to Date

• Uber investigates ‘cybersecurity incident’ after reports of a hack on the company

• No Concessions From Microsoft, Amid Activision Purchase Concern

• This AI system will completely change your experience at sporting events

• IoT: Europe readies cybersecurity rules for smart devices – with big fines attached

• Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

• Cost of Living Crisis Impact on Online Activity

• Understanding Insecure Deserialization Vulnerability

• Uber Responding After ‘Cybersecurity Incident’

• Modern Data Security Needs a Modern Solution

• Uber Investigating Data Breach After Hacker Claims of Extensive Compromise

• MIRACL Trust ID Branded ‘an authentication solution that lives up to its name’ by financial services industry analysts Celent

• Zoom Systems Crash Left Users Helpless

• Hive Ransomware Group Hits Bell Canada Subsidiary

• Uber Announces Major Security Breach

• Turbo boost your career in cyber security

• Allies Warn of Iranian Ransom Attacks Using Log4Shell

• Crypto Scams Skyrocket as Domains Surge 335%

• Uber Hacker May Have Compromised Secret Bug Reports

• Starbucks Singapore says customer data illegally accessed in data leak

• Crypto Scams Soar as Domains Surge 335%

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Lenovo Several High-Severity BIOS Vulnerabilities Impacts Hundreds of Devices

• Uber hacked, internal systems and confidential documents were allegedly compromised

• SideWalk Backdoor Added New Tool in Arsenal to Target Linux Servers

• Uber security breach ‘looks bad’, potentially compromising all systems

• Ransomware news trending on Google

• Uber Hack 2022 Details

• Eastern European org hit by second record-smashing DDoS attack

• Malware Spreads Through FishPig Distribution Server to Infect Magento-Powered Stores

• How to improve public sector’s security strategy?

• Why shift left is burdening your dev teams

• New infosec products of the week: September 16, 2022

• The Cybersecurity Workforce Climate in Asia

• Shikitega – New stealthy malware targeting Linux

• Comtech Awarded London Police Service Next Generation 9-1-1 Contract

• New Digital Trust Research Reveals Gaps, Benefits and Key Takeaways for Future Digital Transformation

• Enrollment Is Open for Free One Million Certified in Cybersecurity

• China can destroy US space assets, Space Force ops nominee warns

• Uber Says It’s Investigating a Potential Breach of Its Computer Systems

• OneSpan launches Virtual Room to offer bank-grade identity and authentication security

• Most organizations consolidate to improve risk posture

• How serious are organizations about their data sovereignty strategies?

• Uber reels from ‘security incident’ in which cloud systems seemingly hijacked

• Treasury chief: IRS modernization is coming soon

• Uber reels from ‘security incident’ that appears to have exposed data, cloud systems

• Arrcus FlexMCN delivers cloud connectivity as a managed service to enterprises

• Akuity Platform helps DevOps manage and scale Kubernetes application delivery

• Juniper Networks expands its data center operations with Apstra Freeform

• Arista Networks expands and accelerates EOS routing validated for cloud, carrier and enterprise solutions

• ForgeRock enhances its identity platform to provide personalized and secure user experiences

• S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

• Concentric AI joins forces with Snowflake to improve data security posture management for customers

• Kinara and Arcturus Networks partner to provide AI solutions for smart city apps

• Fortanix raises $90M to improve cloud security and privacy for highly regulated industries

• Malvertising on Microsoft Edge’s News Feed pushes tech support scams

• Cyber threat hunting for SMBs: How MDR can help

• Here are the new security and privacy features of iOS 16

• Explained: Fuzzing for security

• School app Seesaw compromised to send shock NSFW image

• Microsoft Teams vulnerability shows danger of collaboration apps

• US senator reveals how US Customs has amassed data from Americans’ devices

• CrowdStrike appoints Jennifer Johnson as CMO

• Lattice Semiconductor appoints Raejeanne Skillern to Board of Directors

• Aliro Quantum names Michael Wood as CMO

• CoreStack and Marlabs collaborate to expand cloud management offerings

• US Charges 3 Iranian Hackers Over Ransomware Attacks

• Secure ‘Virtual Room’ service adds trust to e-signatures and digital agreements

• Report: Digital trust is critical, but many enterprises are not prioritizing it

• Akamai mitigated a new record-breaking DDoS attack against a Europen customer

• Staged Payloads from Kali Linux | PT Phone Home – DNS

• EFF’s DEF CON 30 Puzzle—SOLVED

• IT Security News Daily Summary 2022-09-15

• Crash data analysis gets $1M infusion

• Use shadow IT discovery to find unauthorized devices and apps

• Best Fraud Management Systems & Detection Tools in 2022

• Critical Vulnerabilities Found in Devices That Provide WiFi on Airplanes

• 10 top malware protection solutions: Definition and key features

• NIST, Google announce chip R&D partnership

• Note to Security Vendors — Companies Are Picking Favorites

• Biden adds cyber, data, supply chain risks to CFIUS reviews

• OMB’s ‘learning agenda’ looks to drive government innovation

• The national broadband rollout has a blind spot: Lack of accurate, transparent data about internet access speeds

• Utah readies mobile driver’s license rollout

• Malware on Pirated Content Sites a Major WFH Risk for Enterprises

• Members of Congress Urge FTC to Investigate Fog Data Science

• It’s Time For A Federal Anti-SLAPP Law To Protect Online Speakers

• Adobe Creates Role of Chief Cybersecurity Legal Officer

• Popular IoT Cameras Need Patching to Fend Off Catastrophic Attacks

• Actively Exploited Zero-Day Vulnerability Found In WPGateway WordPress Plugin

• Rule for vendors’ secure software self-attestation in the works

• The Fight to Overturn FOSTA, an Unconstitutional Internet Censorship Law, Continues

• OPAL + OPA VS XACML

• Concerns grow over AI in hiring processes

• US, UK, Canada and Australia Link Iranian Government Agency to Ransomware Attacks

• Rust Gets a Dedicated Security Team

• Webworm Attackers Deploy Modified RATs in Espionage Attacks

• Phishing attacks being launched on the name of Queen Elizabeth II

• Cyber Attack on unpatched medical devices

• Report: Only 10% of orgs had higher budget for cybersecurity, despite increased threat landscape

• S3 Ep100: Imagine you went to the moon – how would you prove it? [Audio + Text]

• Former Facebook Leader Says The Company Prioritizes Profit Over User Safety

• 5 Steps to Strengthening Cyber Resilience

• CISA Releases Eleven Industrial Control Systems Advisories

• A Large Number of Ventures Suffering From Cloud Security Attacks

• Analysis on Agent Tesla’s Successor

• XDR: Why open is better than closed

• Tanium Unveils Groundbreaking Integration with Microsoft Sentinel

• Tesla Sued Over Autopilot, FSD Claims

• FAA launches data visualization dashboard to better inform public about the national airspace

• FBI warns of criminals attacking healthcare payment processors

• How does data governance affect data security and privacy?

• Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence

• CISA Releases Eleven Industrial Control Systems Advisories

• Test your team’s security readiness with the Gone Phishing Tournament

• Hackers Group in China Creates Linux Version of Sidewalk Windows

• Attackers Abuse Facebook Ad Manager in Credential-Harvesting Campaign

• D-Wave Demonstrates Large-Scale Coherent Quantum Annealing

• U.S. Public Sector Updates Security for New Cloud Reality

• (ISC)² and Venafi Explore The Strange New World of Machine Identity Management

• APIs: Risks and security solutions

• Six-Year-Old Blind SSRF Vulnerability Risks WordPress Sites To DDoS Attacks

• Deep Insert – An ATM Skimmer Let Hackers Clone ATM Card & Steal 4-Digit PIN

• How to use the handy SSH management tool in Chrome OS

• Transparency, disclosure key to fighting ransomware

• YouTube Users Targeted By RedLine Self-Spreading Stealer

• Researchers Warn of Self-Spreading Malware Targeting Gamers via YouTube

• Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

• (ISC)² CEO Clar Rosso Honored by SC Media’s Women in IT Security Program

• Ex-Broadcom engineer asks for house arrest over IP theft

• FBI Warns of Cyberattacks Targeting Healthcare Payment Processors

• OneLayer Raises $6.5 Million From Koch’s VC Arm

• EU Wants to Toughen Cybersecurity Rules for Smart Devices

• 2022 CISO Forum: All Sessions on Demand

• Data Security Firm Fortanix Raises $90M Series C

• Telos Corporation to Help Enterprises Operationalize Cybersecurity Compliance and Regulatory Risks with IBM Security

• Unflagging Iranian Threat Activity Spurs Warnings, Indictments From US Government

• Relay Attack against Teslas

• The art and science of secure open source software development

• New Report Reveals AWS Cloud Security Challenges

• The Benefits Of Blockchain In The Travel Industry

• Deep Insert – An ATM Skimmer Let Hackers Clone ATM Card & Steal 4-digit PIN

• Webworm retools old RATs for new cyberespionage threat

• Sanctions as a Surgical Tool Against Online Foreign Influence

• Breaking Down the U.N.’s Report on Xinjiang

• New York tax Fraudster Sentenced to 12 years in Prison for Child Data Theft Ring

• ‘Explosion’ At VR Lab At US University Injures Staff Member – Report

• Fortanix Raises $90M in Series C Funding Led by Goldman Sachs Asset Management

• 5 Best Practices for Building Your Data Loss Prevention Strategy

• This Hacker Is Trying To Close The Gender Pay Gap In Cybersecurity

• A Quarter Of Cloud Breaches Caused By Unpatched Vulnerabilities

• Ethereum Cryptocurrency Completes Move To Cut CO2 Output By 99%

• EU Proposes Rules Targeting Smart Devices With Cybersecurity Risks

• US School App Accounts Hacked To Send Explicit Image

• The Global DDoS Threat Landscape – September 2022

• Millions of Dollars Stolen by Hackers from Healthcare Payment Processors

• The Heimdal® Threat Prevention Suite Advances Its DNS Security Capabilities with a World-First, Ground-Breaking New Feature

• ARM Launches New Chip Design For Data Centre, Cloud

• A Response Guide for New NSA and CISA Vulnerabilities

• Fortanix Raises $90M in Series C Funding Led by Goldman Sachs Asset Management to Accelerate Leadership in the Data Security Market

• 5 Ways to Mitigate Your New Insider Threats in the Great Resignation

• Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware

• Russia-linked Gamaredon APT target Ukraine with a new info-stealer

• Coalition Cyber Insurance – Small Businesses Prime Targets

• Undermining Microsoft Teams Security By Mining Tokens

• 5 Fun Games You Can Install On Your Windows PC

• Building the barricades against identity-based attacks

• Report: Endpoint protection missing from nearly 1 in 5 enterprise Windows servers

• US Government Wants Security Guarantees From Software Vendors

• Chrome 105 Update Patches High-Severity Vulnerabilities

• Dope.security Emerges From Stealth With New Approach to Secure Web Gateways

• U.S. Charges 3 Iranian Hackers And Sanctions Several Others Over Ransomware Attacks

• Microsoft Patch Tuesday September Arrives With 80+ Bug Fixes

• US DoJ Charges Three Iranians With Hack, Extortion Scheme

• Token-Mining Weakness in Microsoft Teams Makes for Perfect Phish

• Unpatched And Outdated Medical Devices Provide Cyber Attack Opportunities

• Ransomware Group Have Threatened To Leak Over 1m Medical Records

• Experts Reaction On White House Releases Post-SolarWinds Federal Software Security Requirements

• San Francisco Police Must End Irresponsible Relationship with the Northern California Fusion Center

• Iran steps up its cybercrime game and Uncle Sam punches back

• US government software suppliers must attest their solutions are secure

• SparklingGoblin deploys new Linux backdoor – Week in security, special edition

• Third‑party cookies: How they work and how to stop them from tracking you across the web

• Fortanix: Confidential computing can secure data-in-use

• SAP Patches High-Severity Flaws in Business One, BusinessObjects, GRC

• When It Comes to Security, Don’t Overlook Your Linux Systems

• The Shaky Future of a Post-Roe Federal Privacy Law

• Indonesian Government Pressures Private Sector to Implement Better Cybersecurity Measures

• The mobile malware landscape in 2022 – Of Spyware, Zero-Click attacks, Smishing and Store Security

• Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks

• Linux variant of the SideWalk backdoor discovered

• Jefferies says buy Okta, an attractive cyber leader poised to rally nearly 50%

• South Korea Issues Arrest Warrant For TerraUSD’s Do Kwon

• Ethereum ‘Merge’ Power-Saving Upgrade Completed

• User Alert as Phishing Campaigns Exploit Queen’s Passing

• Cybercrime Forum Admins Steal from Site Users

• Vulnerabilities Found in Airplane WiFi Devices

• Fake App Store pages are the new fake Flash Player alerts

• Hello, iOS 16! – Intego Mac Podcast Episode 257

• Agent Tesla’s Successor OriginLogger Keylogger Malware Steals Credentials, Takes Screenshots

• FBI: Millions in Losses resulted from attacks against Healthcare payment processors

• Organizations lack visibility into unauthorized public cloud data access

• Cybercrime Fears for Children as Cost-of-Living Bites

• ISACA: Ensuring Digital Trust Key to Digital Transformation Success

• Self-spreading stealer attacks gamers via YouTube

• Do you know what your supply chain is and if it is secure?

• U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks

• Weekly Update 313

• Questions to Ask Yourself Before Sending Sexy Photo | Avast

• Crooks are using lures related to Her Majesty Queen Elizabeth II in phishing attacks

• Strong Authentication Considerations for Digital, Cloud-First Businesses

• SMBs are hardest-hit by ransomware

• 6 key challenges technologists are facing today

• Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy

• Assigning Tasks to Less-Experienced Cybersecurity Hires Depends on Company Needs

• (ISC)² Closing the Cybersecurity Workforce Gap

• Why does preparing for AI attacks need to be your next big agenda?

• Pros and cons of cybersecurity automation

• Crypto miners’ latest techniques

• Defense firms sound inflation alarm as Congress mulls 2023 budget

• NetSupport Manager 14 protects data in the hybrid work environment

• Google leverages open-source fully homomorphic encryption library

• Avetta Business Risk helps customers reduce risk and liability in the supply chain

• Netskope enhances Netskope Cloud Firewall capabilities of its SASE platform

• Backlogs larger than 100K+ vulnerabilities but too time-consuming to address

• WordPress-powered sites backdoored after FishPig suffers supply chain attack

• South Korea Fines Google, Meta Over Privacy Violations

• Rocket Support for Zowe enables developers to modernize and accelerate mainframe app development

• Weave GitOps 2022.09 simplifies application deployment into any Kubernetes environment

• NETSCOUT and Palo Alto Networks provide enterprise security operation teams with end-to-end visibility

• AlertEnterprise collaborates with Sentry to offer cyber-physical IAM

• Google Cloud and C3 AI expand partnership to develop new AI-powered services

• Adaptive Shield and Tenable joint solution helps organizations protect their SaaS stack

• SandboxAQ acquires Cryptosense to accelerate the deployment of PQC solutions to organizations

• Red Teaming to Reduce Cyber Risk

• Fake Security App Found Abuses Japanese Payment System

• New Linux Malware Shikitega Can Take Full Control of Devices

• How to help your child manage their online reputation

• WPGateway WordPress plugin vulnerability could allow full site takeover

• Update now! Microsoft patches two zero-days

• The privacy concerns of tying SIM cards to real identities

• 5 technologies that help prevent cyberattacks for SMBs

• Why Artificial Intelligence is Must for Cybersecurity

• Say Hello to Crazy Thin ‘Deep Insert’ ATM Skimmers

• LogRhythm names Gary Abad as VP of Global Channels

• May Mitchell joins Open Systems as CMO

• Obsidian Security appoints Reena Choudhry as CRO

• U.S. drops the hammer on Iranian ransomware outfit

• IT Security News Daily Summary 2022-09-14

• Report: Only 27% of orgs have observability over their full stack

• How integrated city data ensures social services delivery

• White House to tech world: Promise you’ll write secure code – or Feds won’t use it

• Microsoft Support Diagnostic Tool Vulnerability: What to Learn from It and How to Stay Safe

• Mitigate Risk by Securing Third Party Software And Environments

• Federal Progress On Zero Trust: A Report

• Agencies probe AI’s impact on the American workplace

• Protests hit CACI’s $5.7B Air Force win

• Prioritize equity analysis in agency planning, governor says

• Consumer data needs better protection by government

• White House Guidance Recommends SBOMs for Federal Agencies

• CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog

• Alaska automates tax collection from out-of-state sales

• Data privacy concerns grow as legislation lags

• Biden issues cybersecurity guidance for software vendors

• Nearly one in two industry pros scaled back open source use over security fears

• The Twitter Whistleblower’s Testimony Has Senators Out for Blood

• How to Use SSH Keys and 1Password to Sign Git Commits

• Industry cautions on software security regs in the defense bill

• OMB: New acquisition rule coming for vendors to vouch for their software security

• How Little Rock is harnessing data to become a smarter city

• Dig Security Banks $34 Million for Cloud Data Security

• US Indicts Iranians Who Hacked Power Company, Women’s Shelter

• Whistleblower Tells Senate Twitter Prioritised Profit Over Security

• Top 3 data security risks facing businesses

• Fake Security App Found Abusing Japanese Payment System

• North Korean cyberespionage actor Lazarus targets energy providers with new malware

• SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign

• 5 ways to improve your cloud security posture

• Vulnerabilities Found in Airplane WiFi Devices, Passengers’ Data Exposed

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

• Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• A Retrospective Post-Quantum Policy Problem

• Implementing a Zero Trust strategy after compromise recovery

• cPacket Networks Expands Its Data Center Observability Portfolio

• Become an (ISC)² Candidate – No Exam, Experience or Fees Required

• 8 blockchain security issues you are likely to encounter

• AutoRabit launches devsecops tool for Salesforce environments

• WordPress Sites Hacked via Zero-Day Vulnerability in WPGateway Plugin

• Bishop Fox Releases Open Source Cloud Hacking Tool ‘CloudFox’

• Dig Security Banks Another $34 Million for Cloud Data Security

• SparklingGoblin APT Targeted Hong Kong University With New Linux Backdoor

• Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

• Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

• Documents For Sale on the Dark Web

• Crypto Scammers Hack Famous Youtube Channel ‘DALLMYD’ with 13 Million Subscribers

• Lorenz Ransomware: Network Breach via VoIP

• Google Spins Out Secret Telecom Project Aalyria

• What You Need to Know when Considering a VPN on Linux

• 2022 Threat Hunting Report: Falcon OverWatch Looks Back to Prepare Defenders for Tomorrow’s Adversaries

• Coming Soon to Las Vegas: Fal.Con 2022 Event Highlights and Special Guests

• Start Your Zero Trust Journey With Identity

• Your Account Takeover Prevention Checklist: 5 Steps to Minimise the Risk

• Goodbye Friction, Hello Flow: 6 Ways to Build Trust with Strong Customer Authentication

• SparklingGoblin APT adds a new Linux variant of SideWalk implant to its arsenal

• Why Cloud Fax Is Better For Secure Data Exchange Than Email

• #ISC2Congress: Empowering Partnerships

• What Are Checksums & Why Should You Be Using Them?

• How zero trust can help battle identities under siege

• Secureworks reveals Azure Active Directory flaws

• FormBook Knocks Off Emotet As Most Used Malware in August

• Breach Of Software Maker Used To Backdoor As Many As 200,000 Servers

• California’s Newsom Signs Bill Requiring Social Media Firms’ Transparency

• Mudge: Lack Of Access, Data Controls Invite Twitter Exploitation

• Hacker Used Internal U-Haul Tool To Look Up Customer Information

• FBI: Legacy Medical Devices Pose Risk Of Exploit, Patient Safety Impacts

• Data Sovereignty Worries Drive Hybrid Cloud Adoption, Says Scality

• You never walk alone: The SideWalk backdoor gets a Linux variant

• Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks

• Missouri Decision Foreshadows Outcomes of Remaining Coronavirus-Related Suits Against China

• New Security and Privacy Features in macOS Ventura, iOS 16, and iPadOS 16

• novoShield Emerges From Stealth With Mobile Phishing Protection App

• To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline

• Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly

• Attackers mount Magento supply chain attack by compromising FishPig extensions

• Vulnerability management: Most orgs have a backlog of 100K vulnerabilities

• Space chief nominee worried about launchpad ‘traffic jams’

• TeamTNT Hits 150K Docker Containers via Malicious Cloud Images

• Montenegro Under Cyber Attack, Russia Blamed, All NATO States Would Be Prepared

• Ransomware Roulette with Consumer Trust – The Link Between Loyalty And Attacks

• 7 Ways Good Data Security Practices Drive Data Governance

• How Can You Tell if a Cryptocurrency is Legitimate? Read Our Guide To Find Out

• Major Cyberattack Hits English Company Eurocell

• Data protection’s biggest secret: 1 in 10 employees will leak IP data

• data masking

• Hackers Are Using WeTransfer Links To Spread Malware

• COMMENT: Biggest US Healthcare Ransomware Attack In 2022

• Canadian Solar Has Been Hacked By LockBit 3.0 Ransomware

• Google Partners US Government To Develop Open Source Chips

• Kaspersky report: malware attacks targeting gamers increase

• Malware Infects Magento-Powered Stores via FishPig Distribution Server

• Google Improves Chrome Protections Against Use-After-Free Bug Exploitation

• Microsoft Patch Tuesday, Expert Weighs In

• Twitter whistleblower cites major security flaws during testimony

• Beware! 0-Day Bug in WPGateway Actively Exploited in Wild & Targets 280,000 Sites

• What Kind of Data Costs Most in a Breach?

• Old Habits Die Hard: New Report Finds Businesses Still Introducing Security Risk into Cloud Environments

• How data detection and response are becoming cloud security essentials

• Passengers Exposed to Hacking via Vulnerabilities in Airplane Wi-Fi Devices

• How to Do Malware Analysis?

• SparklingGoblin APT Hackers Using New Linux Variant of SideWalk Backdoor

• Weird Fallout from Peiter Zatko’s Twitter Whistleblowing

• August’s Top Malware: Emotet Knocked off Top Spot by FormBook while GuLoader and Joker Disrupt the Index

• Ukraine’s Cyberwar Chief Sounds Like He’s Winning

• iOS 16 Launches With Advanced Cyber Protection

• Phishers take aim at Facebook page owners

• EU Court Upholds Antitrust Android Ruling Against Google

• Google and Meta fined over $70m for privacy violations in Korea

• Samsung was hacked… again

• A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

• Twitter Shareholders Approve Musk’s $44bn Takeover

• Bitwarden password manager adds Fastmail email forwarding support

• Four-Fifths of Firms Hit by Critical Cloud Security Incident

• More and More Companies Are Getting Hit with Ransomware [2021-2022]

• Group of Hackers Attack Asian Governments Using ShadowPad RAT Malware

• Microsoft Fixes Two Zero-Days This Patch Tuesday

• DDoS Attacks on UK Firms Surge During Ukraine War

• Researchers Detail OriginLogger RAT — Successor to Agent Tesla Malware

• How Has Technology Changed the Visa Processing Procedure in Today’s Time?

• Cyberspies Drop New Infostealer Malware on Govt Networks in Asia

• Cyber Security Management System (CSMS) for the Automotive Industry

• iOS 16 Launches With Lockdown Mode, Spyware Protection, Safety Check

• Twitter former head of security told the Senate of severe security failings by the company

• Google Cloud completes Mandiant acquisition for $5.4 billion

• Ransomware news headlines trending on Google

• Cyber attack trends vs. growing IT complexity

• Thwarting attackers in their favorite new playground: Social media

• Microsoft’s Latest Security Update Fixes 64 New Flaws, Including a Zero-Day

• Microsoft September 2022 Patch Tuesday fixed actively exploited zero-day

• Threat actors are actively exploiting a zero-day in WPGateway WordPress plugin

• Cybersecurity Threats to the US Water Industry

• novoShield launches iPhone phishing protection app on the App Store

• Kingston Digital releases IronKey Keypad 200 to deliver FIPS 140-3 Level 3 security for data

• CIS Critical Security Controls v8

• CFOs’ overconfidence in cybersecurity can cost millions

• What’s challenging development teams amid their race to the cloud?

• XDR Alliance Welcomes New MSSP and MDR Members Committed to Open XDR Framework in Cybersecurity

• Veteran Cybersecurity Executive May Mitchell Joins Open Systems as Chief Marketing Officer

• CrowdStrike to Webcast Investor Briefing

• Latest Cyberthreats and Advisories – September 2, 2022

• Credential theft food chain—What is Ransomware-as-a-Service

• Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability

• Asigra Tigris Data Protection now incorporates CDR for protection against deeply embedded malware

• Keysight unveils automotive test solution for mobile industry processor interface

• Motorola Solutions innovates its integrated video security and access control portfolio

• The Feeling of Safety with McAfee+

• Microsoft Patch Tuesday: 64 new vulnerabilities, including five critical ones

• Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

• Key Takeaways From the Twitter Whistleblower’s Testimony

• Linux Foundation to form the OpenWallet Foundation to push for a universal digital wallet infrastructure

• Daon IdentityX voice biometrics now available on Genesys’ Cloud CX platform

• Oracle launches MySQL HeatWave on AWS

• Hitachi Zosen Inova selects IFS Cloud to support its ERP processes

• Salesforce expands its use of Workday to support continued global growth

• Ransomware gang threatens 1m-plus medical record leak

• VERT Threat Alert: September 2022 Patch Tuesday Analysis

• Adobe Releases Security Updates for Multiple Products

• Twitter whistleblower Zatko disses bird site as dysfunctional data dump

• Apple puts the password on life support with passkey

• BackupBuddy WordPress plugin vulnerable to exploitation, update now!

• Update now! Google patches vulnerabilities for Pixel mobile phones

• Important update! iPhones, Macs, and more vulnerable to zero-day bug

• Steam account credentials phished in browser-in-a-browser attack

• Adobe Releases Security Updates for Multiple Products

• Google acquires Mandiant to deliver an end-to-end security operations suite

• U.S. trails China in key tech areas, new report warns

• New Relic expands leadership team with Siva Padisetty as SVP and GM and Tia Williams as GVP

• Eric Schwartz joins CyrusOne as CEO

• Ridge Security and Stellar Cyber partner to deliver a single platform for SecOps teams

• CellTrust and Xillio join forces to offer secure and compliant content migration

• Westcon-Comstor signs EMEA distribution agreement with Proofpoint

• Bishop Fox Releases Cloud Enumeration Tool CloudFox

• Microsoft fixes Windows security hole likely widely exploited by miscreants

• DOD’s game plan for inflation relief

• Umbrella Extends Protection to Unmanaged iOS and Android Devices

• Is confidential computing the future of cybersecurity? Edgeless Systems is counting on it

• Private LTE fills coverage gaps for communication emergencies

• Digital divide: Tribal communities undercounted, underserved

• Serious Security: Browser-in-the-browser attacks – watch out for windows that aren’t!

• Microsoft Quashes Actively Exploited Zero-Day, Wormable Critical Bugs

• IT Security News Daily Summary 2022-09-13

• AutoRABIT unveils security tools for Salesforce ecosystems

• GPS jammers are being used to hijack trucks and down drones: How to stop them

• Microsoft Releases September 2022 Security Updates

• State pulls in $9M to improve public safety, justice IT systems

• Rethinking smart cities

• Whistleblower: China, India Had Agents Working for Twitter

• Microsoft Releases September 2022 Security Updates

• Conservative Lawmakers Demand The White House Hand Over Facebook “Misinformation” Records

• Microsoft Raises Alert for Under-Attack Windows Flaw

• ShadowPad Threat Actors Return With Fresh Government Strikes, Updated Tools

• U-Haul Customer Contract Search Tool Compromised

• Cyber criminals increasingly relying on ransomware-as-a-service, report says

• Cyberattackers Abuse Facebook Ad Manager in Savvy Credential-Harvesting Campaign

• Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)

• Use-after-freedom: MiraclePtr

• Adobe Patches 63 Security Flaws in Patch Tuesday Bundle

• CISA Releases Five Industrial Control Systems Advisories

• Patch your Mitel VoIP systems, Lorenz ransomware gang is back on the prowl

• CISA Releases Five Industrial Control Systems Advisories

• Lorenz Ransomware Intrusion: How a VoIP Vulnerability Was Leveraged for Initial Access

• GSA’s Login.gov has a new director

• The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

• Apple Releases Security Updates for Multiple Products

• How to ensure the security of bank contact centers?

• Opus Security Emerges from Stealth with $10M in Funding for Cloud SecOps and Remediation Processes

• Name That Toon: Shiver Me Timbers!

• Apple Releases Security Updates for Multiple Products

• computer worm

• Senate Dems call on ICE to halt facial recognition and buying from data brokers

• Twitter Ex-Security Chief Tells US Congress of Security Concerns

• 3 Considerations When Aligning Organizational Structure to IT/OT Governance

• Ransomware Exposed Stolen Data From Cisco on Dark Web

• Documents of Indonesian President Allegedly Leaked on the BreachForums Page

• Introducing Q-Scout, a Mobile Security Solution for the Modern World

• Arcserve Independent Global Study Finds Businesses Still Losing Mission-Critical Company Data

• We are not seeing the macro impact in cyber security, says Palo Alto Networks CEO, Nikesh Arora

• ShadowPad-Associated Hackers Targeted Asian Governments

• Why is my Wi‑Fi slow and how do I make it faster?

• How to become a CISO

• Cyber espionage campaign targets Asian countries since 2021

• AI is playing a bigger role in cybersecurity, but hackers may benefit the most

• Secure your endpoints with Transparity and Microsoft

• ICS Patch Tuesday: Siemens, Schneider Electric Fix High-Severity Vulnerabilities

• Cloud Data Security Startup Theom Emerges From Stealth With $16 Million in Funding

• Opus Security Scores $10M for Cloud Security Orchestration

• Twitter Whistleblower Reveals Employees Concerned China Could Collect User Data

• Lawsuit After KeyBank Breach Heralds Changes In Liability

• One Month After Black Hat Exposure HP Enterprise Kit Still Unpatched

• Apple Patches iPhone And macOS Flaws Under Active Attack

• Watch Mudge Testify Today

• How to get inside the mind of hackers

• Attackers Compromise Employee Data at PVC-Maker Eurocell

• FBI Warns of Drastic Implication of Unpatched/Outdated Medical Devices

• Hackers Steal Steam Credentials With ‘Browser-in-the-Browser’ Technique

• Lorenz Ransomware Goes After SMBs via Mitel VoIP Phone Systems

• Twitter prioritizes profits over security, says whistleblower Peiter ‘Mudge’ Zatko

• Secure Access Service Edge: Trends and SASE companies to watch

• Trend Micro Patches Another Apex One Vulnerability Exploited in Attacks

• Lorenz Ransomware Gang Exploits Mitel VoIP Appliance Vulnerability in Attacks

• Trend Micro addresses actively exploited Apex One zero-day

• Patch Tuesday September 2022 – Microsoft Releases Fixes for 16 Vulnerabilities, Including a Zero-Day Bug

• We’re Entering the Age of Unethical Voice Tech

• The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats

• The Future of the Web: The good, the bad and the very weird

• Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022

• Business Security Starts With Identity

• How GRC protects the value of organizations — A simple guide to data quality and integrity

• Attackers Can Compromise Most Cloud Data in Just 3 Steps

• Endpoint Security: 7 Best Practices For Mitigating Data Breaches

• Introducing Check Point Horizon – the prevention-first SOC management platform

• AutoRabit unveils security tools for Salesforce ecosystems

• Comment: New Approach To Ransomware Encryption Threatens To Undermine Cyber Security Strategies

• National Security Creep in Cross-Border Investments

• Further Attacks On Albania, Expert Weighs In

• Yanluowang Ransomware Gang Leaked Cisco Stolen Data

• Lawmakers are concerned about the security and privacy of Twitter users, says Sen. Durbin

• A new player enters the cloud security and remediation market

• Cloud security should be data-centric, says data protection provider Theom

• Spyware, Ransomware, Cryptojacking Malware Increasingly Detected on ICS Devices

• FBI Warns of Unpatched and Outdated Medical Device Risks

• iOS 16 Rolls Out With Passwordless Authentication, Spyware Protection

• Today: 2022 CISO Forum Virtual Event

• FBI Seizes Stolen Cryptocurrencies

• PCI DSS Tackles Client-Side Attacks: Everything You Need to Know About Complying With PCI 6.4.3

• Three Keys to Securing Shadow Data

• U-Haul reports data breach, customers’ info exposed

• 5 Work-From-Home Office Set Up Secrets a Self-Employed Should Know

• Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks

• Edinburgh’s Adarma partners with The Princes Trust to support inclusivity in cybersecurity

• iOS 15.7: Apple patches new iPhone security flaw, so it’s time to update

• How Whistleblowers Navigate a Security Minefield

• Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks

• Ethereum Power-Saving Upgrade Set For This Week

• Zoom Renames Team Chat Amidst Tough Competition

• Zero-Day Vulnerability Found In WordPress Plugin Backup Buddy

• How Zero Trust Security Can Protect Your Organization from Ransomware Attacks?

• U-Haul Says Customer Data Accessed Using Compromised Credentials

• Ransomware Gang Hacks VoIP for Initial Access

• Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research

• A closer look at ransomware attack patterns

• Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)

• US ‘To Implement’ China Chip Export Restrictions

• NGOs Call Amazon EU Antitrust Proposals ‘Vague’

• China says NSA used multiple cybersecurity tools in attacks against Chinese university

• Iranian Hackers Launch Renewed Attack on Albania

• Researchers Warn of 674% Surge in Deadbolt Ransomware

• One month after Black Hat exposure HP enterprise kit still unpatched

• Micron Breaks Ground For $15bn US Memory Chip Plant

• Twitter Says Latest Musk Termination Attempt ‘Wrongful’

• Rust programming language gains dedicated security team

• Looking for adding new detection technologies in your security products?

• Self-Driving Cars ‘May Require Human Element In Long Term’

• Misinformation and propaganda in the authoritarian internet

• Cisco: Yes, Yanluowang leaked our data. No, it’s not serious

• Montenegro and its allies are working to recover from the massive cyber attack

• CrowdStrike threat report: Intrusions up, breakout time down

• LinkedIn fake job offers and emails leading to Cyber Frauds

• Ransomware hackers adopting Intermittent Encryption

• Spending time with the Girl Scouts of Greater Chicago at Northwest Indiana’s CampCEO

• Modernizing data security with a zero trust approach to data access

• Chinese-linked cyber crims nab $529 million from Indian nationals

• Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

• Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel

• Apple releases macOS Monterey 12.6, iOS 15.7, and more; fixes zero-day vulns

• Organizations should fear misconfigurations more than vulnerabilities

• 5 Kali Linux books you should read this year

• Reimagining the approach to incident response

• Commerce names desired winners for $1.5B enterprise IT vehicle

• Peiter ‘Mudge’ Zatko: The Wild Card in Musk’s Clash With Twitter

• Pros and Cons of 5G

• INFINIQ launches Wellid to anonymize personal information in real-time

• D3 Security launches D3 Chronos to help MSSPs with SOAR implementation

• How prepared are organizations to tackle ransomware attacks?

• GSA plans to scale up e-commerce program

• Senate bill looks to software licensing for cost savings

• NTT DATA UK&I Teams with SecurityScorecard to Transform Cyber Risk Monitoring Across the UK and Ireland

• How to unite security and compliance in 5 simple ways

• Guide to the best data privacy certifications for 2022

• Apple patches zero-day holes – even in the brand new iOS 16

• A week in security (September 5 – 11)

• The North Face hit by credential stuffing attack

• Facebook engineers aren’t sure where all user data is kept

• 6 patch management best practices for businesses

• The MSP playbook on deciphering tech promises and shaping security culture

• New GIFShell Attack Targets Microsoft Teams

• iOS 16 and watchOS 9 are here; are your devices ready?

• Google Buys Cyber Security Firm Mandiant for $5.4 Billion

• Tim Fleming joins Silverfort as Strategic Advisor

• NexPlayer integrates Verimatrix Streamkeeper and Watermarking to boost its anti-piracy capabilities

• NTT DATA and SecurityScorecard partner to provide cyber risk monitoring across the UK&I

• IKOULA and ESET join forces to block ransomware and zero-day threats

• Apple patches iPhone and macOS flaws under active attack

• Ransomware makes use of intermittent encryption to bypass detection algorithms

• Vulnerability Summary for the Week of September 5, 2022

• The Importance of Skilled Security Practitioners: How Security Skillfulness Reflects on Your Security Posture

• Vulnerability Summary for the Week of September 5, 2022

• Apple patches a zero-day hole – even in the brand new iOS 16

• IT Security News Daily Summary 2022-09-12

• Apple iOS 16: Passkeys brings passwordless authentication mainstream

• 5 actions to help state and local agencies gain visibility and improve IT hygiene

• Best Bluetooth trackers of 2022: AirTag and alternatives

• Hate Windows 11? Here’s how to make it work more like Windows 10

• How to tighten your security in Microsoft Edge

• How Machine Learning Can Boost Network Visibility for OT Teams

• Leading a Revolution to Provide Secure CCTV Cameras

• Levelling The Battlefield with Cyber as An Asymmetric Leverage

• How a fast-growing town moved from ad hoc to strategic cybersecurity

• State lays groundwork for cyber ecosystem

• Google Releases Pixel Patches for Critical Bugs

• Apple fixed the eighth actively exploited zero-day this year

• Why getting microsegmentation right is key to zero trust

• iOS 16 cheat sheet: Complete guide for 2022

• How data security posture management complements CSPM

• US Lawmakers Press Facebook On Crypto Scam Policies

• Federal Privacy Bill That Would Preempt State Privacy Laws Faces Uncertain Future

• Coast Guard bill looks to boost maritime cybersecurity

• Apple Warns of macOS Kernel Zero-Day Exploitation

• Cisco Data Breach Attributed to Lapsus$ Ransomware Group

• Popular YouTuber Scuba Jake’s channel hacked to run crypto scam

• Google Cloud closes $5.4b Mandiant acquisition

• Cisco Secure 5 Best Practices Security Analysts Can Use to Secure Their Hybrid Workforce.

• Policing With Less and Less Policing

• EFF’s “Cover Your Tracks” Will Detect Your Use of iOS 16’s Lockdown Mode

• HP Bug Left Unpatched for a Year

• 5 ways to secure devops

• US Treasury Sanctions Iranian Minister Over Hacking of Govt and Allies

• Cybersecurity Awareness Campaigns: How Effective Are They in Changing Behavior?

• Google announced the completion of the acquisition of Mandiant for $5.4 billion

• Security pros get ability to manually add incidents to Microsoft Sentinel

• New Cyberespionage Group ‘Worok’ Targeting Entities in Asia

• Google Completes $5.4 Billion Acquisition of Mandiant

• High Severity Vulnerabilities Found in HP Enterprise Devices

• Twitter Says Whistleblower Payment Did Not Violate Musk Deal

• Boffins Build Microphone Safety Kit To Detect Eavesdroppers

• Retbleed Fix Slugs Linux VM Performance By Up To 70 Percent

• Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk

• Twitter Whistleblower: What Questions Will Peiter Zatko Face From Lawmakers?

• PCI DSS Tackles Client-Side Attacks: Everything You Need Know About Complying With PCI 6.4.3

• Reducing the risk of ransomware

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Which Apple Watch is Right for You in 2022?

• ‘Cyber insecurity’ in healthcare is leading to increased patient mortality rates

• Chidozie Collins Obasi – COVID Fraud & Work at Home Scams

• Hackers Abuse Native Linux Tools to Launch Attacks On Linux Systems

• Oxeye Discovers Several High Severity IDOR Vulnerabilities in Harbor

• China Accuses NSA’s TAO Unit of Hacking its Military Research University

• New Linux Cryptomining Malware

• How to Make Container Security Threats More Containable

• Cybersecurity’s Too Important To Have A Dysfunctional Team

• Lampion Trojan Launches New Campaign Through File-Sharing Service

• Iranian APT42 Launched Over 30 Espionage Attacks Across 14 Nations

• Cybersecurity grants are coming. Are you ready?

• Google Completes Acquisition of Mandiant

• iOS 16 Has 2 New Security Features for Worst-Case Scenarios

• Shadow IT and shadow IoT

• Next Generation Leadership for Special Operations Forces

• Lazarus APT Uses Log4j Flaw To Hack US, Canadian Energy Co’s – Cyber Experts Comment

• 65% Say Legacy Backup Solutions Aren’t Up To Ransomware Challenges

• Survey Connects Cybersecurity Skills Gap to Increase in Breaches

• The worst thing about eSIM-only iPhone 14s

• Montenegro Wrestles With Massive Cyberattack, Russia Blamed

• Vulnerability in BackupBuddy Plugin Exploited to Hack WordPress Sites

• Ethical AI, Possibility or Pipe Dream?

• Ransomware Group Leaks Files Stolen From Cisco

• SaaS Alerts Raises $22 Million to Help MSPs Protect Business Applications

• Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats

• The La School District Cyber Attack Keeps Unravelling – Expert Comments

• Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)

• Improvements, new features and integrations now available on the ImmuniWeb AI Platform

• (ISC)² and Venafi Explore The Strange New World of Machine Identity Management

• Security Breaks: TeamTNT’s DockerHub Credentials Leak

• FAA again extends deadline for $2.4B IT services contract

• Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

• 76% Of Financial Institutions Plan On Using Crypto In The Next 3 Years

• Scammers Leveraging Microsoft Team GIFs in Phishing Attacks

• Hackers Hit UK Water Supplier

• Avast and NortonLifeLock merge to tackle new challenges in Cyber Safety

• Why Vulnerability Scanning is Critical for SOC 2

• Palestinian Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

• Cisco Patches High-Severity Vulnerability in SD-WAN vManage

• Critical KEPServerEX Flaws Can Put Attackers in ‘Powerful Position’ in OT Networks

• Google Patches Critical Vulnerabilities in Pixel Phones

• iOS 16 Has Two New Security Features for Worst-Case Scenarios

• Policy Monitor to launch CSPM, an Information Security Management System, at the International Cyber Expo

• Alphabet Life Sciences Unit Verily Gets $1bn Investment

• US Lawmakers Warn Apple Over Chinese Memory Chips

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022

• Common Criteria Certification: What Is It, and What Does It Mean for Tripwire Enterprise?

• Cops Raid Suspected Fraudster Penthouses

• Silicon In Focus Podcast: Your Essential Cybersecurity Tech Stack

• ICO Slams Government Departments Over FOI Failings

• Ransomware Actors Embrace Intermittent Encryption

• Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems

• Energy Providers Targeted by Lazarus Group

• Outdated infrastructure remains a problem against sophisticated cyberattacks

• 6 Best Time Management Software For Small Businesses 2022

• EU Says It Will Not Appeal Qualcomm Antitrust Decision

• Sea Ltd Lays Off E-Commerce, Gaming Staff After Heavy Loss

• EU Plans Consultation On Tech Giants’ Contribution To Telco Costs

• North Korean Lazarus Group Hacked Energy Providers Worldwide

• Vulnerability in WordPress BackupBuddy Plugin Exploited By Hackers

• Investigators Seize $30m in Stolen Crypto from North Korea

• Hackers Compromise Employee Data at PVC-Maker Eurocell

• High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices

• Software developers, how secure is your software ?

• EU Broadens Google Adtech Probe With Portugal Case

• Boffins build microphone safety kit to detect eavesdroppers

• Some firmware bugs in HP business devices are yet to be fixed

• Darktrace acquisition deal of Thoma Bravo terminated

• FBI issues serious cyber threat alert about Vice Society

• Financial organizations fail to act on firmware breaches

• Building a successful cybersecurity business, one client at a time

• Sharing secrets has been ‘effective’ against Russia, but the tactic has limits, CIA chief says

• The ClubCISO report reveals a fundamental shift in security culture

• How to Correctly Classify Your Data in 2022

• MSPs and cybersecurity: The time for turning a blind eye is over

• Bad bots are coming at APIs! How to beat the API bot attacks?

• DHS launches ‘largest customer experience hiring initiative’ with hundreds of technologist positions

• Report: Benchmarking security gaps and privileged access

• Homeworkers putting home and business cyber-safety at risk

• Socure enhances KYC/CIP solution to ensure compliance and identity verification

• Retbleed fix slugs Linux VM performance by up to 70 percent

• Fastway deploys Verimatrix VCAS to protect its DVB Hybrid network

• The ransomware problem won’t get better until we change one thing

• Report Highlights Prevalence of Software Supply Chain Risks

• Albania was hit by a new cyberattack and blames Iran

• IT Security News Weekly Summary – Week 36

• IT Security News Daily Summary 2022-09-11

• Lazarus Hackers are Using Log4j to Hack US Energy Companies

• Conti Gang Doppelganger Adopts Recycled Code

• Meta Disbands Team Studying Negative Impacts Of Facebook, Instagram

• Bangsamoro Peace and the U.S.-Philippines Alliance

• Threat Actors Exploit WeTransfer to Spread Lampion Malware

• Security Affairs newsletter Round 383

• Iran-linked APT42 is behind over 30 espionage attacks

• Week in review: Free online cybersec courses, Signal post-quantum upgrade, Patch Tuesday forecast

• Chinese Govt-Backed Hackers Using PlugX Malware To Attack Gov Officials

• Penetration testing

• Classified NATO Documents Stolen from Portugal, Now Sold on Darkweb

• Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents

• RegScale Selected as 2022 SINET16 Innovator Award Winner

• CSI Secures Record Number of NuPoint® Customer Deals

• U.S. Enterprises Aim for Holistic Cyber Defense, Recovery

• Weekly Update 312

• Keysight and IBM sign memorandum of understanding to open RAN deployments in Europe

Generated on 2022-09-18 23:59:18.024842