Google, Apple, Microsoft promise end to passwords, courtesy of your mobile phone
How to use KDE Plasma’s Konsole SSH plugin
CrowdStrike vs FireEye: Compare EDR software
Check Point vs Palo Alto: Comparing EDR software
How to manage your Alexa voice recordings and privacy
Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials
CIA Wants Russians to Share Secret Info with the Agency via its Darknet Site
HBCUs could be one key to improving equity in federal contracting and technology
SentinelOne finds high-severity flaws in Avast, AVG
US Cyber Command Team Helps Lithuania Protect Its Networks
NIST Issues Guidance for Addressing Software Supply-Chain Risk
Google addresses actively exploited Android flaw in the kernel
EU Antitrust Head Calls For Global Approach To Tackle Big Tech
Senator not sold on Army’s $22 billion bet on IVAS
Why rural communities struggle to bring in much-needed federal grants
A Third of Americans Use Easy-to-Guess Pet Passwords
Microsoft, Apple, Google accelerate push to eliminate passwords
Critical Cisco VM-Escape Bug Threatens Host Takeover
Cisco Releases Security Updates for Enterprise NFV Infrastructure Software
[Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1)
Top Cyber Threats to the Telecom Industry
NASA chief calls out the ‘plague’ of cost-plus contracts
FBI: Bank Losses From BEC Attacks Top $43B
Demystify the Cybersecurity Risk Management Process
India to Collect User Data from VPNs, Data Centers, and Cloud Service Providers
Phishing threats attempt to hook new government victims
Catalan: Spain Spy Chief Admits Legally Hacking Some Phones
Google cloud misconfiguration poses risk to customers
GitHub to Enforce Two-Factor Authentication
Hunter Biden Laptop Repairman Sues Over Hacker Allegations
Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies
Attackers Use Event Logs To Hide Fileless Malware
Avast Patches Decades Old Vulnerabilities In Antivirus Product
VHD Ransomware Linked To North Korea’s Lazarus Group
Stung By 3 Court Losses, ISPs Stop Fighting California’s Net Neutrality Law
India to Collect User Data from VPNs, Crypto, Data Centers, and Cloud Service Providers
Modern Identity and Access Management Makes a Difference, Especially at a Mega-Scale
Cisco Announces Cloud Controls Framework Is Now Available to Public
World Password Day: Why we need a password-less future
World Password Day: Why are passwords still a problem in 2022?
Dutch Watchdog To Investigate Google Play Store Practices
Report: Cybersecurity workforce must grow by two-thirds to protect assets
It’s World Password Day! Here’s the one simple tip you need to keep your accounts secure online
Multichannel Phishing Concerns Cybersecurity Leaders in 2022
Safeguarding From Container Attacks Inside the Cloud
NHS Email Servers used for Phishing Attacks
X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021
GitHub Announces Mandatory 2FA for Code Contributors
Illuminate Data Breach Impacts More School Districts
VPN Providers Threaten to Quit India Over New Data Law
The Movement to Ban Government Use of Face Recognition
The $43 billion Business Email Compromise threat
US VP Kamala Harris To Meet Amazon Labor Union At White House
SYN flood attack
Cisco adds predictive networking SaaS options to improve uptime and security
White House: Quantum computers could crack encryption, so here’s what we need to do
FBI: Email fraud keeps getting worse. Here’s how to protect yourself
US Gov Issues Security Memo on Quantum Computing Risks
1,000+ Attacks in 2 Years: How the SideWinder APT Sheds Its Skin
One Identity Guest Blog – The password checklist
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Cisco addresses three bugs in Enterprise NFVIS Software
Security recommendations for SAP HANA on RHEL
The Chatter Podcast: Why We Fight with Christopher Blattman
Chinese State-Sponsored APT Naikon Resurfaces with New Tactics, Techniques, and Procedures (TTPs).
Google fixes two critical Pixel vulnerabilities: Get your updates when you can!
NSA chief: Cyber Command did 9 international missions last year
$43 billion stolen through Business Email Compromise since 2016, reports FBI
S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]
Docker Under Siege: Cybercriminals Compromise Honeypots to Ramp Up Attacks
NIST Releases Updated Cybersecurity Guidance for Managing Supply Chain Risks
Vendor Email Compromise (VEC) Explained
AvosLocker Ransomware Uses Driver Files to Disable Anti-Virus Solutions
Android’s May 2022 Security Updates Patch 36 Vulnerabilities
Why Security Matters Even More in Online Gaming
Google to Add Passwordless Authentication Support to Android and Chrome
A couple of 10-Year-Old flaws affect Avast and AVG antivirus
Why a Focus on Gender Increases National Security
NCSC Warns Of Threats Posed By Malicious Apps
Google chases sovereignty market with EU Workspace Data product
AutoRABIT Raises $26 Million for Salesforce DevSecOps Platform
Forrester Report Reveals the 5 Benefits IT Teams Really Need from API Security Tools
Kellogg Community College Closes after Ransomware Attack
Car Rental Giant Sixt Hit by Cyberattack, Operations Shut Down
Cloudflare Successfully Thwarted One of The Largest DDoS Attacks
Data Theorem launches attack surface management product that identifies 3P assets & appsec violations
Apple, Microsoft and Google announce plans to enable passwordless authentication for billions of devices
Google unveils passwordless log-in plans on World Password Day
NSA chief: Cyber Command did 9 cyber defense missions last year
How Can Healthcare Keep a Stronger Lock Down on their Cybersecurity
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
CANs Reinvent LANs for an All-Local World
Latest Cohort Announced for NCSC For Startups
Every ISP in the US Must Block These 3 Pirate Streaming Services
UK National Health Service Email Accounts Compromised by Hackers to Steal Microsoft Logins
This World Password Day consider ditching passwords altogether
5 Advantages of Fraud Scoring
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
VHD Ransomware Linked to North Korea’s Lazarus Group
GitHub to Developers: Turn on 2FA or Lose Access
Announcing the public availability of the Cisco Cloud Controls Framework (CCF)
Researchers discover ‘dangerous functionality’ in Google Cloud control pane
Decade-old bugs discovered in Avast, AVG antivirus software
A security researcher told me my passwords and more: How 15 years of digital footprints left me exposed
Google, Apple, Microsoft make a new commitment for a “passwordless future”
OT Security Firm Network Perception Raises $13 Million
The Importance of Defining Secure Code
FBI: Losses From BEC Scams Surpass $43 Billion
Flaws in Avast, AVG Antiviruses Could Have Facilitated Attacks on Millions of Devices
Researchers Disclose 10-Year-Old Vulnerabilities in Avast and AVG Antivirus
15.3 Million Request-Per-Second DDoS Attack
Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)
BIG-IP RCE Bug Could Allow Device Takeover
April 2022 Cybersecurity Roundup: Funky Pigeon cyber attack, Costa Rica ransomware attack, Mailchimp cybersecurity negligence lawsuit
It’s business as usual for REvil ransomware
OpenSSF Launches Package Analysis Tool To Detect Malicious Packages
What is a Progressive Website Application?
Netflix Sued By Shareholders Over Subscription Disclosure
World Password Day: Brushing up on the basics
The Age of Zero-day Java Vulnerabilities
Check Point Software Outlines Five Must-Haves for Creating a Secure Password
There’s no sugarcoating it: That online sugar daddy may be a scammer
Thousands of Borrowers’ Data Exposed from ENCollect Debt Collection Service
Heroku Forces User Password Resets Following GitHub OAuth Token Theft
Cisco Patches Critical VM Escape in NFV Infrastructure Software
OWASP patches path traversal flaw
1-15 April 2022 Cyber Attacks Timeline
It’s time for Internet Providers to Become Primary Security Providers
Industry Groups Drop Challenge To California Net Neutrality Law
F5 warns its customers of tens of flaws in its products
China stealing intellectual data from Europe and North America
Google is protecting Ukraine from State Sponsored Cyber Attacks of Russia
FBI warns of new reverse instant payments banking scam
South Korea Admitted to NATO Cyber Defense Center
1000s of phishing emails sent from NHS inboxes
Multi-factor authentication: Busting a handful of common myths
FBI: Thailand and Hong Kong Banks Used Most in BEC
NHS Inboxes Hijacked to Send 1000+ Malicious Emails
Apple AirTags: One Year On – Intego Mac Podcast Episode 238
ID theft tools small businesses should invest in 2022 – Tighten your security
Try the Cloud NGFW Free Trial in AWS Marketplace
VM escape and root access bugs fixed in Cisco NFV infrastructure software
Federal Court finds RI Advice failed to manage cybersecurity risks in landmark decision
Phishing operation hits NHS email accounts to harvest Microsoft credentials
Biden orders new quantum push to ensure encryption isn’t cracked by rivals
How the EPL tackles piracy and stops people going around the wall
Beijing-backed gang looted IP around the world for years, claims Cybereason
Tackling the threats posed by shadow IT
What Does Volunteering at (ISC)² Mean? Hear From Volunteer Lisa Vaughan
Passwords are secrets that should never be shared
Australian Businesses That Adopt Eagle Eye Networks Cloud Video Surveillance Are Eligible for Tax Break
3 most dangerous types of Android malware
GitHub to require two factor authentication for code contributors by late 2023
7 threat detection challenges CISOs face and what they can do about it
World Password Day is Dead. Long Live World Password Day!
Cisco Issues Patches for 3 New Flaws Affecting Enterprise NFVIS Software
How to identify vulnerabilities with NMAP
Computer Malfunction Leads to Death of Over 27,000 Chickens
F5 Warns of a New Critical BIG-IP Remote Code Execution Vulnerability
Data Theorem Supply Chain Secure identifies third-party vulnerabilities across the application software stack
Building on Your Existing DAM Instance is Smart Budget Planning
Variscite enhances IoT and edge security with over-the-air software updates
BIO-key MobileAuth enhancements safeguard access to critical data
Uptycs helps security teams strengthen security posture with CIEM capabilities
Noname Security Active Testing allows businesses to stop vulnerabilities before they reach production
Veracode Continuous Software Security Platform enables organizations to mitigate their security risk
Idaho Needs to Shore Up Cybersecurity, Task Force Says
World Password Day – the 1960s just called and gave you your passwords back
Syniti Migrate optimizes data migration for enterprise customers
Elastic Observability 8.2 provides fine-grain control over data collection and storage
Atos partners with VMware to help organizations drive value from data
Binarly collaborates with immune to secure modern computer infrastructure
Votiro partners with Thales to strengthen zero trust security for enterprises
US Cyber Command shored up nine nations’ defenses last year
Megaport and Bechtle join forces to accelerate digital and network transformation for companies
Report: 75% of companies are focusing on cloud-native apps
GitHub to Developers: Turn on 2FA, or Lose Access
Brian Stone joins NetAbstraction as CRO
Digital Security and Privacy Tips for Those Involved in Abortion Access
Workshop: Simplifying Network Security in the Cloud
India Forces All VPN Providers to Log and Store User Data
China-linked Winnti APT steals intellectual property from companies worldwide
Radware launches SkyHawk Security to improve the overall security posture for organizations
DocuSign hires Steve Shute as President of Worldwide Field Operations
Island appoints Jennifer Park as CPO
Tetrate appoints Paul Machle as CFO
Traceable AI raises $60 million for unique API security platform
IT Security News Daily Summary 2022-05-04
2022-05-03 – Contact Forms campaign –> Bumblebee –> Cobalt Strike
Senator calls on Biden to fill OSTP leadership role
Space Force to bring data scientists, coders on board this summer
City, state cybersecurity programs follow Washington’s lead
IRS leader explains why the IRS went to ID.me
FirstNet boosts in-building coverage
Need help finding broadband grants? Tool helps sift through opportunities
EU Hands Police Agency New Powers Over Personal Data
Microsoft Releases Defender for SMBs
China-Backed Winnti APT Siphons Reams of US Trade Secrets in Sprawling Cyber-Espionage Attack
Q&A: How China Is Exporting Tech-Based Authoritarianism Across the World
Appwrite launches fund to help sustain open-source software development
FBI says Business Email Compromise attacks have cost over $43 billion since 2016
Kubernetes 1.24 Stargazer: An exceptional release with two major changes
Google Sees More APTs Using Ukraine War-Related Themes
Kaspersky Warns of Fileless Malware Hidden in Windows Event Logs
Groundbreaking Cybersecurity Book Published
F5 Releases Security Advisories Addressing Multiple Vulnerabilities
Cisco StarOS Forensic Guide Published
Google SMTP Relay Service Exploited for Sending Phishing Emails
Cisco Predictive Networks To Recognise Future Network Outages, Issues
What Are the Best Ways to Protect Your CAD/CAM Data?
How the TMF helps agencies pave the way toward zero trust
Wastewater monitoring took off during the COVID-19 pandemic – and here’s how it could help head off future outbreaks
Hubble Technology Banks $9 Million for Asset Visibility Platform
Mozilla Releases Security Updates for Firefox and Firefox ESR
F5 Informs BIG-IP Customers About 18 Serious Vulnerabilities
Court Rules That Facebook Can Turn Over Private Info To Law Enforcement
Tax Sanctions and Foreign Policy
Russia-linked APT29 Targets Diplomatic World Wide
China-linked APT Caught Pilfering Treasure Trove of IP
Coveware: Double-extortion ransomware attacks fell in Q1
New Ransomware Variant Linked to North Korean Cyber Army
This World Password Day, Here’s How a Password Manager Can Simplify Your Life
China-Linked Winnti APT Group Silently Stole Trade Secrets for Years: Report
SIM Fraud Solution Sparks Privacy Fears
Security Stuff Happens: What Will the Public Hear When You Say You’ve Been Breached?
Anonymous Hacks Russian Energy Companies, Leaking 1Million+ Emails
Mental Health Apps Fail Privacy Guidelines Spectacularly, Says Mozilla
Bridging the Needs of Security and Development Teams, Veracode Unveils Next-Generation Software Security Platform
Microsoft releases open-source tool for securing MikroTik routers
What are the Most Common Types of SSL Errors and How to Fix Them?
Android monthly updates are out – critical bugs found in critical places!
CISA Adds Five Known Exploited Vulnerabilities to Catalog
How a senior product manager is leading the passwordless movement at Microsoft
Unfixed vulnerability in popular library puts IoT products at risk
Cyber Attack on Nile Dam foiled by Ethiopian Authorities
Yubico Releases MFA Guide in Recognition of World Password(less) Day
Araali Networks Selected as Finalist for RSA Conference 2022 Innovation Sandbox Contest
German Minister Urges Tougher EU Antitrust Action
HHS Information Security Program ‘Not Effective’
Can New York court and regulate the crypto industry at the same time?
8 security tips for small businesses
Tailscale raises $100M for its zero-trust VPN
GitHub launches new 2FA mandates for code developers, contributors
Communication around Heroku security incident dubbed ‘train wreck’
AI for Cybersecurity Shimmers With Promise, But Challenges Abound
Vulnerabilities Allow Hijacking Of Most Ransomware To Prevent File Encryption
Bangladesh Cyber Incident Response Team has Issued a Warning About Malware Attacks Around Eid
Kubernetes taps Sigstore to thwart open-source software supply chain attacks
UK to Place Security Requirements on App Developers and Store Operators
Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites
The House Should Fine Bannon, Meadows, Navarro and Scavino Now If It Wants Their Testimony
BT Opts For AWS As Cloud Provider To Assist In IT Transformation
Instagram Hack Results in $1 Million Loss in NFTs
Magniber Ransomware Tricking Users via Fake Windows 10 Updates
Cisco Issues Fresh Warning Over Counterfeit Switches
Webinar Today: Blast Radius & Simulated Attack Paths
Uptycs Announces New Cloud Identity and Entitlement Management (CIEM) Capabilities
AutoRABIT Secures $26M in Series B Investment from Full In Partners to Expand DevSecOps Platform
What Stars Wars Teaches Us About Threats
SEC Plans to Hire More Staff in Crypto Enforcement Unit to Fight Frauds
US To Impose Sanctions On China’s Hikvision – Report
This unpatched DNS bug could put ‘well-known’ IoT devices at risk
This sneaky hacking group hid inside networks for 18 months without being detected
Attackers Use Event Logs to Hide Fileless Malware
SAC Health System Impacted By Security Incident
Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies
White House Boosting Quantum Technology And Cybersecurity
Unpatched DNS Bug Puts Millions Of Routers, IoT Devices At Risk
SEC Nearly Doubles Crypto Currency Cop Roles In Special Cyber Unit
Cybersecurity firm Cybereason uncovers Chinese espionage campaign
Anonymous Leak 82GB of Police Emails Against Australia’s Offshore Detention
One Small Error by DevOps, One Giant Opening for Attackers
Mosyle raises $196M for its mobile device management platform for Apple devices
GitHub to enforce 2FA for all code contributors by the end of 2023
Tailscale raises $100 million for its zero-trust VPN
Appwrite launches fund to help sustain open source software development
Experts linked multiple ransomware strains North Korea-backed APT38 group
This Sneaky Hacking Group Hid Inside Networks For 18 Months Without Being Detected
The 2022+ Fit-for-Purpose OSINT Toolkit In The Age Of Digital Risk Growth
Watch Out! Verified Twitter Accounts Are Targeted in Phishing Attacks
Fake Cyberpunk Ape Executives target artists with malware-laden job offer
Board, (Dash)board and Bored
Critical RCE Bug Reported in dotCMS Content Management Software
Application Security Firm ShiftLeft Raises $29 Million
Aryaka, Carnegie Mellon’s CyLab to Research New Threat Mitigation Techniques
A Step-By-Step Guide on How To Remove Ransomware?
Chinese Hackers Abuse Cybersecurity Products for Malware Execution
India’s New Super App Has a Privacy Problem
New Sophisticated Malware
Transport for NSW Suffered a Cyber Incident
Cybersecurity for banks – Securing advanced e-Banking services
Mosyle raises $200 million for its mobile device management platform for Apple devices
Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption
NCSC updates build environment best practices
A checklist to help healthcare organizations respond to a serious cyberattack
The EU’s Copyright Directive Is Still About Filters, But EU’s Top Court Limits Its Use
Chinese ride-hailing giant Didi says U.S. regulator is investigating its $4 billion IPO
Apple Store Union Vote To Take Place Next Month
Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk
A new secret stash for “fileless” malware
SEC bolsters cyber and crypto assets team
Musk Touts ‘Slight Cost’ For Business Use Of Twitter
Healthcare and Education Sectors Most Susceptible to Cyber Incidents
An expert shows how to stop popular ransomware samples via DLL hijacking
NCSC Updates Code of Practice for Smart Building Security
State-Backed Chinese Hackers Target Russia
A Tripwire Milestone: ASPL – 1000 is here
SEC Doubles Cyber and Crypto Assets Team
Ukraine War Themed Files Become the Lure of Choice for a Wide Range of Hackers
Is It Easy to Install a Hard Drive on Your Computer – 2022 Guide
Chinese Hacker Group Targeting Telecommunication Service Providers
DHS manipulated report on Russian election interference during the Trump administration, watchdog says
Lnkbomb- Exploit Insecure File Shares
Allowing too many exceptions leaves you wide open to infection
Transport for NSW struck by cyber attack
How I almost fell for an online rental scam
Heroku to begin user password reset almost a month after GitHub OAuth token theft
Putin threatens supply chains with counter-sanction order
Wiper malware threat to the healthcare sector in US and Ukraine
Norton to pay Columbia University a penalty for Malware patent infringement
Stealthy APT group plunders very specific corporate email accounts
AV-Comparatives: Microsoft Defender has a large impact on system performance
Self-promotion in cybersecurity: Why you should do it, and how
Google TAG sees China PLA group go after multiple Russian defence contractors
Chinese hackers perform ‘rarely seen’ Windows mechanism abuse in three-year campaign
Winnti threat group rides again with IP theft campaign
The 6 steps to a successful cyber defense
BigBear.ai to Highlight Artificial Intelligence and Machine Learning Capabilities at Upcoming Industry Events
Endpoint security and remote work
Good end user passwords begin with a well-enforced password policy
How to enhance your cyber defense program with CIS SecureSuite
Dell expands its offerings to help customers improve cyber resiliency
Enpass Business allows organizations to choose where they store their data
N-able Cove Data Protection provides cloud-first backup and disaster recovery for businesses
OccamSec Incenter helps security teams uncover complex vulnerabilities
SEC nearly doubles size of crypto and cyber enforcement unit
Putting It All Together
Instagram Credentials Stealer: Disguised as Mod App
Cyber-spies target Microsoft Exchange to steal M&A info
What Should I Know About Defending IoT Attack Surfaces?
WEBGAP partners with Intel to accelerate the adoption of remote browser isolation cybersecurity
StorONE and Seagate join forces to solve important storage-related challenges
Parfin selects Anjuna Security to protect MPC custody assets against risk and misuse
Aryaka partners with Carnegie Mellon University CyLab to develop new threat mitigation techniques