Study - Technical - LMS-SFC EN) - Cyber Security - News Archive July 2022


Cyber Security - News Archive

July 2022

31.07.2022 - News from cyber security.

- Week in review: Attackers abandoning malicious macros, average data breach cost soars. (to the original material)

- Australia charges dev of Imminent Monitor RAT used by domestic abusers. (to the original material)

- Huge network of 11,000 fake investment sites targets Europe. (to the original material)

- Threat actor claims to have hacked European manufacturer of missiles MBDA. (to the original material)

- 17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malware. (to the original material)

- Security Affairs newsletter Round 376 by Pierluigi Paganini. (to the original material)

- North Korea-linked SharpTongue spies on email accounts with a malicious browser extension. (to the original material)

30.07.2022 - News from cyber security.

- Adware cleaner apps promoted on Facebook sneaked into the Play Store. (to the original material)

- Meta (Facebook), U.S. hospitals sued for tracking patients on medical portals. (to the original material)

- Facebook ads push Android adware with 7 million installs on Google Play. (to the original material)

- Melbourne Man Charged With Creating Global Spyware. (to the original material)

- Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report. (to the original material)

- CISA orders to patch an actively exploited flaw in Confluence servers. (to the original material)

29.07.2022 - News from cyber security.

- Ransomware: Publicly Reported Incidents are only the tip of the iceberg. (to the original material)

- CISA Adds One Known Exploited Vulnerability to Catalog. (to the original material)

- Attackers are slowly abandoning malicious macros. (to the original material)

- New infosec products of the week: July 29, 2022. (to the original material)

- Why there is no quick fix for cyber attacks. (to the original material)

- Researchers create key tech for quantum cryptography commercialization. (to the original material)

- Using real customer data in testing environments creates unnecessary risk. (to the original material)

- CISA warns of critical Confluence bug exploited in attacks. (to the original material)

- US govt warns Americans of escalating SMS phishing attacks. (to the original material)

- LockBit ransomware abuses Windows Defender to load Cobalt Strike. (to the original material)

- Microsoft links Raspberry Robin malware to Evil Corp attacks. (to the original material)

- Justice Department Probing 2020 Federal Court System Breach. (to the original material)

- CyberArk, Delinea, One Identity Top Gartner MQ for PAM (Privileged Access Management). (to the original material)

- Ukraine, US Sign Cybersecurity Pact. (to the original material)

- ISMG Editors: Privacy Special With Lisa Sotto. (to the original material)

- Facebook Slapped With Another Health Data Privacy Lawsuit. (to the original material)

- Microsoft experts linked the Raspberry Robin malware to Evil Corp operation. (to the original material)

- Strong Authentication – Robust Identity and Access Management Is a Strategic Choice. (to the original material)

- Exploitation is underway for a critical flaw in Atlassian Confluence Server and Data Center. (to the original material)

- Malware-laced npm packages used to target Discord users. (to the original material)

28.07.2022 - News from cyber security.

- Cybersecurity news of the week (28.07.2022). (to the original material)

- CISA Releases Log4Shell-Related MAR (Malware Analysis Report). (to the original material)

- Kubernetes security: Shift-left strategies and simplifying management. (to the original material)

- The future of attack surface management (ASM). (to the original material)

- Only 25% of organizations consider their biggest threat to be from inside the business. (to the original material)

- 84% of organizations experienced an identity-related breach in the past 18 months. (to the original material)

- 1 in 3 employees don’t understand why cybersecurity is important. (to the original material)

- Ransom payments fall as fewer victims choose to pay hackers. (to the original material)

- Microsoft SQL servers hacked to steal bandwidth for proxy services. (to the original material)

- LibreOffice addresses security issues with macros, passwords. (to the original material)

- Cyberspies use Google Chrome extension to steal emails undetected. (to the original material)

- Akamai blocked largest DDoS in Europe against one of its customers. (to the original material)

- Malicious npm packages steal Discord users’ payment card info. (to the original material)

- As Microsoft blocks Office macros, hackers find new attack vectors. (to the original material)

- Phishing-as-a-Service Platform Offers Cut-Rate Prices. (to the original material)

- Microsoft Denounces Advanced Spyware in Bid to Defuse It. (to the original material)

- The Growing Cost of Data Breaches, Especially in Healthcare. (to the original material)

- Analysis: How Uber Covered Up a Breach and Avoided Charges. (to the original material)

27.07.2022 - News from cyber security.

- Samba Releases Security Updates. (to the original material)

- Telecom & Trust Services Incidents in 2021: Over-The-Top (OTT) Challenges Emerging. (to the original material)

- The global average cost of a data breach reaches an all-time high of $4.35 million. (to th original material)

- Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure. (to the original material)

- Organizations are struggling with SaaS security. Why? (to the original material)

- How SMBs are evolving their cybersecurity operations practices. (to the original material)

- Cybercrime goods and services are cheap and plentiful. (to the original material)

- Find out why developers love Pentest as a Service (PtaaS - Pentest-as-a-Service). (to the original material)

- The strange similarities between Lockbit 3.0 and Blackmatter ransomware. (to the original material)

- Fedora ditches 'No Rights Reserved' software over patent concerns. (to the original material)

- What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads. (to the original material)

- Kansas MSP shuts down cloud services to fend off cyberattack. (to the original material)

- New ‘Robin Banks’ phishing service targets BofA, Citi, and Wells Fargo. (to the original material)

- Spain arrests suspected hackers who sabotaged radiation alert system. (to the original material)

- Microsoft: Windows, Adobe zero-days used to deploy Subzero malware. (to the original material)

- GitHub introduces 2FA and quality of life improvements for npm. (to the original material)

- DDoS Attack Trends in 2022: Ultrashort, Powerful, Multivector Attacks. (to the original material)

- Tech Alone Won't Defeat Advanced Spyware, US Congress Told. (to the original material)

- Human to Merge with PerimeterX to Thwart Bot Attacks, Fraud. (to the original material)

- iPad Theft Is Reminder That Devices Still Cause PHI Breaches. (to the original material)

- Feds Double Reward for Tips on North Korean-Backed Actors. (to the original material)

26.07.2022 - News from cyber security.

- Vulnerability Summary for the Week of July 18, 2022. (to the original material)

- Targeted campaign uses infostealer to hijack Facebook Business accounts. (to the original material)

- The infosec investment landscape: Which tech gets the most bucks? (to the original material)

- Major shifts and the growing risk of identity fraud. (to the original material)

- Benefits of modern PAM (Privileged Access Management): Efficiency, security, compliance. (to the original material)

- Product showcase: The Cynomi Virtual CISO (vCISO) platform. (to the original material)

- Infosec pros want more industry cooperation and support for open standards. (to the original material)

- Hackers scan for vulnerabilities within 15 minutes of disclosure. (to the original material)

- Microsoft: IIS extensions increasingly used as Exchange backdoors. (to the original material)

- New Android malware apps installed 10 million times from Google Play. (to the original material)

- Hackers steal $6 million from blockchain music platform Audius. (to the original material)

- U.S. doubles reward for tips on North Korean-backed hackers. (to the original material)

- No More Ransom helps millions of ransomware victims in 6 years. (to the original material)

- LockBit claims ransomware attack on Italian tax agency. (to the original material)

- LinkedIn phishing target employees managing Facebook Ad Accounts. (to the original material)

- Financial tech continues to capture VC (Venture Capitalist) support, despite declining investments. (to the original material)

- Ducktail criminal group targets Facebook Business with malware to take over accounts. (to the original material)

- U.S. increased rewards for info on North Korea-linked threat actors to $10 million. (to the original material)

- Threat actors leverages DLL-SideLoading to spread Qakbot malware. (to the original material)

- Zero Day attacks target online stores using PrestaShop. (to the original material)

- CosmicStrand, a new sophisticated UEFI firmware rootkit linked to China. (to the original material)

- Quarterly Report: Incident Response Trends in Q2 2022. (to the original material)

- Cyber Incident Cost $100 Million, Tenet Healthcare Reports. (to the original material)

- Kaspersky Researchers Dissect Bootup Rootkit. (to the original material)

- Titanium Blockchain CEO Convicted of $21 Million Fraud. (to the original material)

- The Decade in Vulnerabilities and Why They Persist. (to the original material)

25.07.2022 - News from cyber security.

- Why firms need to harness identity management before it spirals into an identity crisis. (to the original material)

- Monitoring the impact of security solutions on user experiences is critical. (to the original material)

- Trust in fintech security has been wavering. (to the original material)

- CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards. (to the original material)

- Source code for Rust-based info-stealer released on hacker forums. (to the original material)

- Hackers exploited PrestaShop zero-day to breach online stores. (to the original material)

- Patients want greater control over health data sharing, AMA survey shows. (to the original material)

- HHS alerts to ongoing healthcare web app attacks, urges review of tactics. (to the original material)

- Microsoft again reverses course, will block macros by default. (to the original material)

- Flaws in FileWave MDM could have allowed hacking +1000 organizations. (to the original material)

- Lockbit ransomware gang claims to have breached the Italian Revenue Agency. (to the original material)

- Amadey malware spreads via software cracks laced with SmokeLoader. (to the original material)

- Drupal developers fixed a code execution flaw in the popular CMS. (to the original material)

- Thief Steals $6M Tokens From Audius, Sells Them for $1M. (to the original material)

- NIST Maps Cybersecurity Framework to HIPAA Security Rule. (to the original material)

- Early-Stage Startups Pump Brakes on Growth as Downturn Looms. (to the original material)

24.07.2022 - News from cyber security.

- Is APT28 behind the STIFF#BIZON attacks attributed to North Korea-linked APT37? (to the original material)

- Security Affairs newsletter Round 375 by Pierluigi Paganini. (to the original material)

- A database containing data of 5.4 million Twitter accounts available for sale. (to the original material)

- Week in review: The future of Metasploit, detecting lateral movement, new issue of (IN)SECURE Magazine. (to the original material)

- Amadey malware pushed via software cracks in SmokeLoader campaign. (to the original material)

- QBot phishing uses Windows Calculator sideloading to infect devices. (to the original material)

- Americans Deserve More Than The Current American Data Privacy Protection Act. (to the original material)

23.07.2022 - News from cyber security.

- FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks. (to the original material)

- SonicWall fixed critical SQLi in Analytics and GMS products. (to the original material)

- MedusaLocker Server Likely Spotted In The Wild. (to the original material)

- $350 Million Settlement of T-Mobile Breach Lawsuits Proposed. (to the original material)

- North Korean hackers attack EU targets with Konni RAT malware. (to the original material)

- Chrome use subject to restrictions in Dutch schools over data security concerns. (to the original material)

22.07.2022 - News from cyber security.

- Apple Releases Security Updates for Multiple Products. (to the original material)

- Cisco Releases Security Updates for Multiple Products. (to the original material)

- Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138. (to the original material)

- FBI Claws Back Cryptocurrency Ransoms Paid to North Koreans. (to the original material)

- USA’s plan to build its cyber workforce, improve skills-based pathways to cyber jobs. (to the original material)

- New infosec products of the week: July 22, 2022. (to the original material)

- How kitemarks are kicking off IoT regulation. (to the original material)

- Detectree: Open-source tool simplifies data analysis for blue teams, reduces alert fatigue. (to the original material)

- Visibility into runtime threats against mobile apps and APIs still lacking. (to the original material)

- Atlassian: Confluence hardcoded password was leaked, patch now! (to the original material)

- Hackers breach Ukrainian radio network to spread fake news about Zelenskiy. (to the original material)

- Account lockout policy in Windows 11 is enabled by default to block brute force attacks. (to the original material)

- Hackers breached Ukrainian radio station to spread fake news about Zelensky‘s health. (to the original material)

- Candiru surveillance spyware DevilsTongue exploited Chrome Zero-Day to target journalists. (to the original material)

- TA4563 group leverages EvilNum malware to target European financial and investment entities. (to the original material)

- Feds Warn Healthcare Sector of Web Application Attacks. (to the original material)

- Cryptocurrency Insider Trading, Fraud in DOJ Crosshairs. (to the original material)

- The Week in Ransomware - July 22nd 2022 - Attacks abound. (to the original material)

- Hacker selling Twitter account data of 5.4 million users for $30k. (to the original material)

- Digital security giant Entrust breached by ransomware gang. (to the original material)

- SonicWall: Patch critical SQL injection bug immediately. (to the original material)

- Major tech groups, nonprofits iced out of UN working group on cybersecurity norms. (to the original material)

- Tenet Health cyberattack, monthlong outage led to $100M in ‘unfavorable impact’. (to the original material)

- Police Are Still Abusing Investigative Exemptions to Shield Surveillance Tech, While Others Move Towards Transparency. (to the original material)

- Threat Roundup for July 15 to July 22. (to the original material)

21.07.2022 - News from cyber security.

- Cybersecurity news of the week (21.07.2022). (to the original material)

- Google Releases Security Updates for Chrome. (to the original material)

- Drupal Releases Security Update. (to the original material)

- CNMF (Cyber Command’s Cyber National Mission Force) Discloses Malware in Ukraine. (to the original material)

- Microsoft adds default protection against RDP brute-force attacks. (to the original material)

- The rise and continuing popularity of LinkedIn-themed phishing. (to the original material)

- Atlassian fixes critical flaws in Confluence, Jira, Bitbucket and other products, update quickly! (to the original material)

- CloudMensis backdoor spies on users of compromised Macs. (to the original material)

- The importance of secure passwords can’t be emphasized enough. (to the original material)

- 60% of IT leaders are not confident about their secure cloud access. (to the original material)

- Settlements Reached In 2 Large Healthcare Hack Lawsuits. (to the original material)

- Premint Fingers Open Source Flaw For NFT Hack. (to the original material)

- US Cyber Command Reveals Malware Indicators Targeting Ukraine. (to the original material)

- Atlassian Fixes Critical Hard-Coded Credential Bug. (to the original material)

- Getting to Zero Trust Requires Good Cybersecurity Baselines. (to the original material)

- Cyber Resilience Requires Complete Visibility. (to the original material)

- Best Protection Against Ransomware: A Good Backup Policy. (to the original material)

- The Crucial Ingredients of a Good Cyber Resilience Program. (to the original material)

- Whatever Happened to Russia's Cyber War Against Ukraine? (to the original material)

- Ex-Coinbase manager charged in first crypto insider-trading case. (to the original material)

- Chrome zero-day used to infect journalists with Candiru spyware. (to the original material)

- Google blocks site of largest computing society for being ‘harmful’. (to the original material)

- How Conti ransomware hacked and encrypted the Costa Rican government. (to the original material)

- Windows 11 now blocks RDP brute-force attacks by default. (to the original material)

- New ‘Lightning Framework’ Linux malware installs rootkits, backdoors. (to the original material)

- Microsoft starts blocking Office macros by default, once again. (to the original material)

- New Redeemer ransomware version promoted on hacker forums. (to the original material)

- Threat actors target software firm in Ukraine using GoMet backdoor. (to the original material)

- Lightning Framework, a previously undetected malware that targets Linux systems. (to the original material)

- Atlassian patched a critical Confluence vulnerability. (to the original material)

- Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices. (to the original material)

- 8220 Gang Cloud Botnet infected 30,000 host globally. (to the original material)

- Health-ISAC gains Google Cloud as ambassador, aims to bolster healthcare resiliency. (to the original material)

- New guidance by cloud group, federal agency target HIPAA compliance and vendor risk. (to the original material)

- National data privacy law draws mixed reaction from civil liberties, industry groups. (to the original material)

- Scanning for red-team tools reveals likely campaign tied to MedusaLocker ransomware. (to the original material)

- New Amendments to Intermediary Rules threaten Free Speech in India. (to the original material)

- Threat Source newsletter (July 21, 2022) - No topic is safe from being targeted by fake news and disinformation. (to the original material)

- Attackers target Ukraine using GoMet backdoor. (to the original material)

20.07.2022 - News from cyber security.

- Oracle Releases July 2022 Critical Patch Update. (to the original material)

- How Zero Trust Can Simplify Your Security Infrastructure. (to the original material)

- Major Takeaways: Cyber Operations During Russia-Ukraine War. (to the original material)

- Vulnerabilities in popular GPS tracker could allow hackers to remotely stop cars. (to the original material)

- Popular business web apps fail to implement critical password requirements. (to the original material)

- What threats and challenges are CISOs (Chief Information Security Officer) and CROs (Chief Risk Officer) most focused on? (to the original material)

- Neopets data breach exposes personal data of 69 million members. (to the original material)

- Google boosts Android privacy with support for DNS-over-HTTP/3. (to the original material)

- Atlassian fixes critical Confluence hardcoded credentials flaw. (to the original material)

- Convincing ‘YouTube’ Google ads lead to Windows support scams. (to the original material)

- Cisco fixes bug that lets attackers execute commands as root. (to the original material)

- Google Calendar provides new way to block invitation phishing. (to the original material)

- LinkedIn remains the most impersonated brand in phishing attacks. (to the original material)

- FBI recovers $500,000 healthcare orgs paid to Maui ransomware. (to the original material)

- New Luna ransomware encrypts Windows, Linux, and ESXi systems. (to the original material)

- State Elections Official Touts Bug Bounties for Voting Systems. (to the original material)

- Latest HHS HIPAA Actions Spotlight 'Right of Access' - Again. (to the original material)

- Compromised Credentials Persist as Data Breaches' Root Cause. (to the original material)

- Romanian Who Allegedly Sold Malware Hosting Extradited to US. (to the original material)

- New Luna ransomware targets Windows, Linux and ESXi systems. (to the original material)

- Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers. (to the original material)

- EU warns of risks of spillover effects associated with the ongoing war in Ukraine. (to the original material)

- Belgium claims China-linked APT groups hit its ministries. (to the original material)

- Online skimming hammers restaurant payment platforms as attacker base widens. (to the original material)

- Challenges of cyber workforce optimization. (to the original material)

- The case for cyber workforce optimization. (to the original material)

- Authentication weakness responsible for 80% of financial breaches, (to the original material)

- Feds disrupt North Korean ransomware operations, return $500K to healthcare victims. (to the original material)

- Blocking Microsoft Office macros for security could make more work for financial firms. (to the original material)

- EFF Poker Tournament at DEF CON 30. (to the original material)

- Nigerian Twitter Ban Declared Unlawful by Court. (to the original material)

- Self-Proclaimed Free Speech Platforms Are Censoring Nude Content. Here’s Why You Should Care. (to the original material)

19.07.2022 - News from cyber security.

- Belgian government calls on Chinese authorities to take action against malicious cyber activities by Chinese APTs. (to the original material)

- CISA released Security Advisory on MiCODUS MV720 Global Positioning System (GPS) Tracker. (to the original material)

- Cybersecurity Policy Challenges on the Agenda of the European Parliament Delegation Visit to ENISA. (to the original material)

- Vulnerability Summary for the Week of July 11, 2022. (to the original material)

- ePlus Acquires Future Com to Strengthen Security Operations. (to the original material)

- DOJ Seizes $500,000 From North Korean Attacks on Healthcare. (to the original material)

- Online Travel Booking Website Probes 'Security Anomaly'. (to the original material)

- US CISA to Set Up Attache Office in London. (to the original material)

- Separating the Quantum Hype From the Reality. (to the original material)

- GPS Tracker Made in China Conduit for Vehicle Hacking. (to the original material)

- Removing the blind spots that allow lateral movement. (to the original material)

- 82% of global insurers expect the rise in cyber insurance premiums to continue. (to the original material)

- Hacking group '8220' grows cloud botnet to more than 30,000 hosts. (to the original material)

- Building materials giant Knauf hit by Black Basta ransomware gang. (to the original material)

- UK heat wave causes Google and Oracle cloud outages. (to the original material)

- EU warns of Russian cyberattack spillover, escalation risks. (to the original material)

- Malicious Android apps with 300K installs found on Google Play. (to the original material)

- Russian hackers use fake DDoS app to infect pro-Ukrainian activists. (to the original material)

- Popular vehicle GPS tracker gives hackers admin privileges over SMS. (to the original material)

- Belgium says Chinese hackers attacked its Ministry of Defense. (to the original material)

- Hackers steal 50,000 credit cards from 300 U.S. restaurants. (to the original material)

- Air-gapped systems leak data via SATA cable WiFi antennas. (to the original material)

- Russian SVR hackers use Google Drive, Dropbox to evade detection. (to the original material)

- New CloudMensis malware backdoors Macs to steal victims’ data. (to the original material)

- CloudMensis spyware went undetected for many years. (to the original material)

- Russia-linked APT29 relies on Google Drive, Dropbox to evade detection. (to the original material)

- Crooks create rogue cryptocurrency-themed apps to steal crypto assets from users. (to the original material)

- Several apps on the Play Store used to spread Joker, Facestealer and Coper malware. (to the original material)

- Google introduces more efficient, DNS-over-HTTP/3 for Android. (to the original material)

- BJC Health to spend $2.7M on email MFA access to settle breach affecting 288K patients. (to the original material)

- Vulnerability Spotlight: Issue in Accusoft ImageGear could lead to memory corruption, code execution. (to the original material)

18.07.2022 - News from cyber security.

- CISA Updates Advisory on Cyber Actors Continued Exploitation of Log4Shell in VMware Horizon Systems. (to the original material)

- Vulnerability Summary for the Week of July 11, 2022. (to the original material)

- The first formal verification of a prototype of Arm CCA firmware. (to the original material)

- Industrial cybersecurity leaders are making considerable headway. (to the original material)

- Online payment fraud losses to exceed $343 billion. (to the original material)

- Graff paid a $7.5M ransom and sued its insurance firm for refusing to cover this payment. (to the original material)

- EFF and Partners Urge the Indian Government to Keep End-to-End Encryption Alive. (to the original material)

- Thales Buys OneWelcome for $101.6M to Enter CIAM Market. (to the original material)

- Cyberattack Affects Albanian Government E-Services: Report. (to the original material)

- Going Green: Energy Firms Mustn't Repeat Security Mistakes. (to the original material)

- Proof of Concept: A New Era for Digital Identity? (to the original material)

- The Real-World Impact of Cyberattacks on Enterprises. (to the original material)

- Assessing the Privacy, Security Risks of Digital Health IT. (to the original material)

- Beware of password-cracking software for PLCs (Programmable Logic Controllers) and HMIs (Human-Machine Interfaces)! (to the original material)

- (IN)SECURE Magazine issue 72 released: Free download. (to the original material)

- Russia fines Google $358 million for not removing banned info. (to the original material)

- FBI warns of fake cryptocurrency apps used to defraud investors. (to the original material)

- Roaming Mantis hits Android and iOS users in malware, phishing attacks. (to the original material)

- MLNK Builder 4.2 released in Dark Web – malicious shortcut-based attacks are on the rise. (to the original material)

- Tor Browser 11.5 is optimized to automatically bypass censorship. (to the original material)

- A massive cyberattack hit Albania. (to the original material)

- Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw. (to the original material)

- Industrial control system password cracker may be bad, actually. (to the original material)

- Infographic: Automated incident response vs. the conventional approach. (to the original material)

- MITRE Engenuity ATT&CK: What endpoint security vendors learned after Evals. (to the original material)

- White House to hold summit on addressing the thousands of unfilled cybersecurity jobs. (to the original material)

- 11 health providers settle HIPAA right of access failures with feds. (to the original material)

17.07.2022 - News from cyber security.

- Week in review: Kali Linux gets on Linode, facial recognition defeated, Log4j exploitation. (to the original material)

- The Matrix messaging network now counts more than 60 million users. (to the original material)

- Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever. (to the original material)

- Google is going to remove App Permissions List from the Play Store. (to the original material)

- Security Affairs newsletter Round 374 by Pierluigi Paganini. (to the original material)

- APT groups target journalists and media organizations since 2021. (to the original material)

16.07.2022 - News from cyber security.

- Hackers pose as journalists to breach news media org’s networks. (to the original material)

- Elastix VoIP systems hacked in massive campaign to install PHP web shells. (to the original material)

- Critical flaw in Netwrix Auditor application allows arbitrary code execution. (to the original material)

- CISA urges to fix multiple critical flaws in Juniper Networks products. (to the original material)

- Threat actors exploit a flaw in Digium Phone Software to target VoIP servers. (to the original material)

- BlackCat Adds Brute Ratel Pentest Tool to Attack Arsenal. (to the original material)

15.07.2022 - News from cyber security.

- New infosec products of the week: July 15, 2022. (to the original material)

- How to address the ongoing risk of Log4j exploitation and prepare for the future. (to the original material)

- Outsourcing security is the only solution for many smaller teams. (to the original material)

- Q-Day: The problem with legacy public key encryption. (to the original material)

- The proliferation of money mules and how behavioral biometrics can combat this form of fraud. (to the original material)

- Tor Browser now bypasses internet censorship automatically. (to the original material)

- Attackers scan 1.6 million WordPress sites for vulnerable plugin. (to the original material)

- Windows Network File System flaw results in arbitrary code execution as SYSTEM. (to the original material)

- Digital burglary at recruitment agency Morgan Hunt confirmed. (to the original material)

- Meet Mantis – the tiny shrimp that launched 3,000 DDoS attacks. (to the original material)

- Password recovery tool infects industrial systems with Sality malware. (to the original material)

- Tainted password-cracking software for industrial systems used to spread P2P Sality bot. (to the original material)

- Experts warn of attacks on sites using flawed Kaswara Modern WPBakery Page Builder Addons. (to the original material)

- Holy Ghost ransomware operation is linked to North Korea. (to the original material)

- RedAlert, LILITH, and 0mega, 3 new ransomware in the wild. (to the original material)

- Ring Reveals They Give Videos to Police Without User Consent or a Warrant. (to the original material)

- H0lyGh0st Ransomware Linked to North Korean Hackers. (to the original material)

- Log4j Flaw Is 'Endemic,' Says Cyber Safety Review Board. (to the original material)

- Synthetic ID Fraud: Continuous Monitoring Is the Key. (to the original material)

- EDR, XDR and the Path to Cyber Readiness. (to the original material)

- ISMG Editors: Analyzing the Predatory Sparrow Attack. (to the original material)

- Too Much Remains Unknown About Data Breaches. (to the original material)

- Why SolarWinds just may be one of the most secure software companies in the tech universe. (to the original material)

- Now offering cryptocurrency, ATMs targeted for crypto-fraud. (to the original material)

- Oklahoma State University health center pays $875K penalty for HIPAA violations. (to the original material)

- EMEAR Monthly Talos Update: Training the next generation of cybersecurity researchers. (to the original material)

- Threat Source newsletter (July 14, 2022) - Are virtual IDs worth the security risk of saving a few seconds in the TSA line? (to the original material)

14.07.2022 - News from cyber security.

- Cybersecurity News of the Week (14.07.2022). (to the original material)

- Juniper Networks releases security updates for multiple products. (to the original material)

- PayPal-themed phishing kit allows complete identity theft. (to the original material)

- The future of SOCs (Security Operations Center): Automation where it matters. (to the original material)

- How attackers abuse Quickbooks to send phone scam emails. (to the original material)

- Businesses are adding more endpoints, but can’t manage them all. (to the original material)

- Conventional cybersecurity approaches are falling short. (to the original material)

- Microsoft links Holy Ghost ransomware operation to North Korean hackers. (to the original material)

- PayPal phishing kit added to hacked WordPress sites for full ID theft. (to the original material)

- Mantis botnet behind the record-breaking DDoS attack in June. (to the original material)

- New Retbleed speculative execution CPU attack bypasses Retpoline fixes. (to the original material)

- Mantis botnet powered the largest HTTPS DDoS attack in June. (to the original material)

- The new Retbleed speculative execution attack impacts both Intel and AMD chips. (to the original material)

- Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak. (to the original material)

- Microsoft published exploit code for a macOS App sandbox escape flaw. (to the original material)

- VMware fixed a flaw in vCenter Server discovered eight months ago. (to the original material)

- EFF and ACLU File Amicus Brief Objecting to Warrantless, Suspicionless Electronic Device Searches at the Border. (to the original material)

- CyberArk Execs: 9 Bets on What's Next in Identity Security. (to the original material)

- At Half-Year Mark, Ransomware, Vendor Breaches Dominate. (to the original material)

- Microsoft Says Phishing Campaign Skirted MFA to Access Email. (to the original material)

- Ex-CIA Employee Convicted in Theft of Covert Hacking Info. (to the original material)

- Deakin Uni Students Suffer Smishing Attack, Data Breach. (to the original material)

- Crime Watch: Why Are Ransomware Attacks Intensifying? (to the original material)

- The Nature of Application Code. (to the original material)

- How to deploy a cloud-native app protection platform. (to the original material)

- Tenet Health sued after affiliate hack, health data theft impacting 1.2M. (to the original material)

- Journalists increasingly targeted with phishing attacks, while news media also used as lures. (to the original material)

- Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGPU. (to the original material)

13.07.2022 - News from cyber security.

- Who are the best fraud fighters? (to the original material)

- The weaponizing of smartphone location data on the battlefield. (to the original material)

- The enemy of vulnerability management? Unrealistic expectations. (to the original material)

- Best practices for cyber resilience. (to the original material)

- Nine ways for securely integrating a CMS and ecommerce platform. (to the original material)

- New Lilith ransomware emerges with extortion site, lists first victim. (to the original material)

- Bandai Namco confirms hack after ALPHV ransomware data leak threat. (to the original material)

- Microsoft releases PoC exploit for macOS sandbox escape vulnerability. (to the original material)

- New UEFI firmware flaws impact over 70 Lenovo laptop models. (to the original material)

- New Android malware on Google Play installed 3 million times. (to the original material)

- $8 million stolen in large-scale Uniswap airdrop phishing attack. (to the original material)

- Qakbot operations continue to evolve to avoid detection. (to the original material)

- Impact Litigation in Action: Building the Caselaw Behind a Win for Free Speech. (to the original material)

- The Department of Defense Should Disclose When it Purchases User Data. (to the original material)

- July Patch Tuesday Fixes 1 Zero-Day, 84 Flaws. (to the original material)

- Search Here: Ransomware Groups Refine High-Pressure Tactics. (to the original material)

- $8M of Crypto Stolen by Phishing From Uniswap Liquidity Pool. (to the original material)

- Russia's Cyberattack Strategy: Precision, Not Spillover. (to the original material)

- The Ransomware Files, Episode 9: Dr. Ransomware, Part 1. (to the original material)

- Big Health Data: Top Privacy, Security Considerations. (to the original material)

- House wants Congress in the loop for government’s post-quantum transition. (to the original material)

- ‘Bring your own identity,’ and the need for robust identity proofing. (to the original material)

- Is cannabis business banking a new financial opportunity or a huge security risk? (to the original material)

- Zero-trust access resonates in the financial industry, where risk is everything. (to the original material)

- Transparent Tribe begins targeting education sector in latest campaign. (to the original material)

- Vulnerability Spotlight: Adobe Acrobat DC use-after-free issues could lead to arbitrary code execution. (to the original material)

12.07.2022 - News from cyber security.

- Adobe releases security updates for multiple products. (to the original material)

- Microsoft releases July 2022 Security Updates. (to the original material)

- SAP releases July 2022 Security Updates. (to the original material)

- Citrix releases security updates for Hypervisor. (to the original material)

- CISA adds one known exploited vulnerability to Catalog . (to the original material)

- Vulnerability summary for the Week of July 4, 2022. (to the original material)

- Congress probes how location data brokers threaten reproductive privacy. (to the original material)

- Victory! Another Court protects the right to record police. (to the original material)

- Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047). (to the original material)

- Researchers defeat facial recognition systems with universal face mask. (to the original material)

- Product showcase: ImmuniWeb Neuron, DAST with a zero false positives SLA. (to the original material)

- Are your site’s tracking technologies breaking the law? (to the original material)

- A look at the bring your own browser (BYOB - Bring Your Own Browser) approach. (to the original material)

- VMware patches vCenter Server flaw disclosed in November. (to the original material)

- Microsoft fixes dozens of Azure Site Recovery privilege escalation bugs. (to the original material)

- CISA orders agencies to patch new Windows zero-day used in attacks. (to the original material)

- Hackers impersonate cybersecurity firms in callback phishing attacks. (to the original material)

- Hackers stole $620 million from Axie Infinity via fake job interviews. (to the original material)

- Microsoft July 2022 Patch Tuesday fixes exploited zero-day, 84 flaws. (to the original material)

- Microsoft: Phishing bypassed MFA in attacks against 10,000 orgs. (to the original material)

- New ‘Luna Moth’ hackers breach orgs via fake subscription renewals. (to the original material)

- FTC puts data collectors and brokers on notice in light of abortion bans. (to the original material)

- DDoS attacks surge in popularity in Ukraine - but are they more than a cheap thrill? (to the original material)

- Rocket maker agrees to pay $9 million to settle allegations of cybersecurity violations. (to the original material)

- AWS patches 'one bug, three vulnerabilities' authentication error. (to the original material)

- UK watchdog seeks review into gov use of WhatsApp. (to the original material)

- Ukraine’s cyber agency tracks ‘significant increase’ in malware-directed attacks. (to the original material)

- FTC official vows to ‘crack down’ on companies misusing consumer health data. (to the original material)

- Palo Alto, HCL expands partnership to secure customers’ digital and cloud transformation. (to the original material)

- Nearly all organizations reported having a failed IIoT/OT security project. (to the original material)

- Cloud-native app protection platforms: what they are and what they bring to the table. (to the original material)

- Using shields up to secure credentials and mitigate vulnerabilities. (to the original material)

- Security success means not solving every problem. (to the original material)

- When it comes to fraud, it takes a network to defeat a network. (to the original material)

- Lithuanian Energy Firm Experiences DDoS. (to the original material)

- Fake Google Update Delivering HavanaCrypt Ransomware. (to the original material)

- India Calls for Stricter Actions Against Cybercriminals. (to the original material)

- Predatory Sparrow's Hacks: There's Smoke, There's Fire. (to the original material)

11.07.2022 - News from cyber security.

- Linode + Kali Linux: Added security for cloud instances. (to the original material)

- BlackCat (aka ALPHV) ransomware is increasing stakes up to $2.5 million in demands. (to the original material)

- Dealing with threats and preventing sensitive data loss. (to the original material)

- The impact of DNS attacks on global organizations. (to the original material)

- 7 steps to switch your organization to a zero trust architecture. (to the original material)

- Nearly all governmental websites serve cookies or third-party trackers. (to the original material)

- State by State, We’re Making Progress Against Anti-Speech Lawsuits. (to the original material)

- Hackers can unlock Honda cars remotely in Rolling-PWN attacks. (to the original material)

- Ransomware gang now lets you search their stolen data. (to the original material)

- Microsoft says decision to unblock Office macros is temporary. (to the original material)

- How to auto block macros in Microsoft Office docs from the internet. (to the original material)

- Australia's major banks look to dynamic CVV to combat payment fraud. (to the original material)

- Florida man accused of selling counterfeit Cisco gear. (to the original material)

- Settlement shows False Claims Act is no silver bullet for cybersecurity compliance. (to the original material)

- Biden orders health privacy actions as senators seek stronger HIPAA protections after Roe overturned. (to the original material)

- Security researchers warn of impersonation attacks ahead of Amazon Prime Day. (to the original material)

- Paladin Cloud’s open source security-as-code platform available to the public. (to the original material)

- Why expired digital certificates have become a bigger threat. (to the original material)

- Recorded Future Buys Hatching for More Malware Visibility. (to the original material)

- Puerto Rico Commits $7.6M to Boost Cybersecurity. (to the original material)

- Aerojet Rocketdyne Pays $9M to Settle Cybersecurity Lawsuit. (to the original material)

- How Double-Extortion Attacks Vary By Victims' Sector. (to the original material)

- Don't Pay Ransoms, UK Government and Privacy Watchdog Urge. (to the original material)

10.07.2022 - News from cyber security.

- Week in review: Quantum-resistant encryption, attackers using deepfakes, Patch Tuesday forecast. (to the original material)

- Maastricht University wound up earning money from its ransom payment. (to the original material)

- HHS agrees to improve feedback process for healthcare data breach reporting. (to the original material)

09.07.2022 - News from cyber security.

- Microsoft performs an about-face on Office macro security policy - albeit a temporary one. (to the original material)

- PyPI mandates 2FA for critical projects, developer pushes back. (to the original material)

- Mangatoon data breach exposes data from 23 million accounts. (to the original material)

- Crema Finance Issues Recovery Plans After $8.8M Crypto Hack. (to the original material)

- CEO Charged for Selling Fake Cisco Networking Equipment. (to the original material)

08.07.2022 - News from cyber security.

- Threat Roundup for July 1 to July 8. (to the original material)

- A third of mid-sized organizations don't have a cyber-incident response plan. (to the original material)

- Checkmate ransomware hits QNAP NAS devices. (to the original material)

- New infosec products of the week: July 8, 2022. (to the original material)

- Simplifying legal entity identification in the digital age. (to the original material)

- July 2022 Patch Tuesday forecast: A summertime lull? (to the original material)

- Why 80% of companies are looking to switch their managed service provider. (to the original material)

- 54% of SMBs do not implement MFA. (to the original material)

- The Week in Ransomware - July 8th 2022 - One down, many to go. (to the original material)

- New 0mega ransomware targets businesses in double-extortion attacks. (to the original material)

- Free decryptor released for AstraLocker, Yashma ransomware victims. (to the original material)

- San Francisco coalition fights SFPD’s proposal to co-opt private surveillance cameras. (to the original material)

- EFF and partners call on Indonesia to repeal invasive content moderation. (to the original material)

- Internet Archive seeks summary judgment in federal lawsuit filed by publishing companies. (to the original material)

- Google to delete sensitive medical locations from user history after Roe struck down. (to the original material)

- Biden Order Seeks to Protect Reproductive Data Privacy. (to the original material)

- Ransomware Locks Indian Flood Monitors During Monsoon Season. (to the original material)

- Customer.io Email Data Breach Larger Than Just OpenSea. (to the original material)

- ISMG Editors: What's the Status of the SBOM? (to the original material)

- How the Threat Landscape Is Evolving. (to the original material)

- Russia, Ukraine and the Future Cybercrime Landscape. (to the original material)

- Zero Trust: The Nitty-Gritty Details. (to the original material)

- Leveraging Interindustry Data to Discover Mule Accounts. (to the original material)

07.07.2022 - News from cyber security.

- Cybersecurity News of the Week (07.07.2022). (to the original material)

- Cisco releases security updates for multiple products. (to the original material)

- Threat Source newsletter (July 7, 2022) - Teamwork makes the dream work. (to the original material)

- Breach report: Understand and minimize reputational cost. (to the original material)

- SiteCheck Malware Trends Report – Q2 2022. (to the original material)

- Ransomware and the places that worry about it most. (to the original material)

- Threat actors exchange beacons for badgers to evade endpoint security. (to the original material)

- Apple previews Lockdown Mode to protect users from targeted spyware. (to the original material)

- Healthcare organizations targeted with Maui ransomware. (to the original material)

- Imagination is key to effective data loss prevention. (to the original material)

- Cyberattacks against law enforcement are on the rise. (to the original material)

- Microsoft rolls back decision to block Office macros by default. (to the original material)

- Fake copyright complaints push IcedID malware using Yandex Forms. (to the original material)

- New stealthy OrBit malware steals data from Linux devices. (to the original material)

- Quantum ransomware attack affects 657 healthcare orgs. (to the original material)

- QNAP warns of new Checkmate ransomware targeting NAS devices. (to the original material)

- Online programming IDEs can be used to launch remote cyberattacks. (to the original material)

- Post-quantum cryptography algorithms named. (to the original material)

- Cisco collaboration software vulnerabilities fixed. (to the original material)

- Apple introduces Lockdown Mode as it battles spyware firms. (to the original material)

- US finance sector encouraged to stay vigilant against retaliatory Russian cyberattacks. (to the original material)

- SHI Malware Attack Knocks Website, Email Offline for Days. (to the original material)

- Taking Actions to Enhance Sensitive Health Data Privacy. (to the original material)

- Apple Lockdown Mode Aims to Prevent State-Sponsored Spyware. (to the original material)

- Security Awareness and Behavioral Change: What's Realistic? (to the original material)

- FBI and MI5 Chiefs Issue Warning on China IP Theft. (to the original material)

- How McDonald’s Keeps Security Awareness Fresh and Relevant. (to the original material)

- How to Stop Data from Leaving with Employees. (to the original material)

- Safety in the Cloud. (to the original material)

- How to Respond to the New 'Fraud Universe'. (to the original material)

- Top 5 Tips for Defending Your Endpoints. (to the original material)

06.07.2022 - News from cyber security.

- How to map the Cybersecurity Threat Landscape? Follow the ENISA 6-step Methodology. (to the original material)

- OpenSSL releases security update. (to the original material)

- North Korean state-sponsored cyber actors use Maui ransomware to target the healthcare and public health sector. (to the original material)

- NIST selects 4 quantum-resistant encryption algorithms. (to the original material)

- The connected nature of smart factories is exponentially increasing the risk of cyber attacks. (to the original material)

- Why your API gateway is not enough for API security? (to the original material)

- How a cyber asset management strategy can help enterprises detect threats. (to the original material)

- Encryption is high up on corporate priority lists. (to the original material)

- New Hive ransomware variant is written in Rust and use improved encryption method. (to the original material)

- Malicious NPM packages used to grab data from apps, websites. (to the original material)

- The core principles of Zero Trust – NIST. (to the original material)

- The tech devices we worry about the most. (to the original material)

- IT services giant SHI hit by "professional malware attack". (to the original material)

- Security advisory accidentally exposes vulnerable systems. (to the original material)

- Apple’s new Lockdown Mode defends against government spyware. (to the original material)

- Ransomware, hacking groups move from Cobalt Strike to Brute Ratel. (to the original material)

- Marriott confirms another data breach after hotel got hacked. (to the original material)

- US govt warns of Maui ransomware attacks against healthcare orgs. (to the original material)

- For the love of the wild web. (to the original material)

- ASD creates CISO role in REDSPICE hiring blitz. (to the original material)

- Threat actors abuse penetration testing tool for attacks. (to the original material)

- OpenSSL fixes remote code execution bug. (to the original material)

- A guide to House cyber amendments in the NDAA. (to the original material)

- QuickBooks accounting software targeted for sophisticated phishing attacks. (to the original material)

- Apple announces ‘lockdown’ security feature to counter NSO-type spyware. (to the original material)

- Accounts receivable provider discloses network breach to potentially affected customers. (to the original material)

- Pentagon Looking for a Few Good Hackers. (to the original material)

- Feds Warn Healthcare Sector of 'Maui' Ransomware Threats. (to the original material)

- Marriott Confirms Data Breach, Says Core Network Unaffected. (to the original material)

- Bridging the Gaps of Cybersecurity: How High-Fidelity Threat Intelligence can Help Agencies Prioritize and Combat Phishing. (to the original material)

- The Death of Network Hardware Appliances - and the Evolution of Cloud-Native Architectures. (to the original material)

05.07.2022 - News from cyber security.

- Press release: Launch of the study "Strategic resilience of the European Union, including in the technological and digital fields: future scenarios and contributions of Romania". (to the original material)

- Google releases security update for Chrome. (to the original material)

- Prepare for a new cryptographic standard to protect against future quantum-based threats. (to the original material)

- Attackers are using deepfakes to snag remote IT jobs. (to the original material)

- PCI DSS 4.0 released, addresses emerging threats and technologies. (to the original material)

- Applying Shift Left principles to third party risk management. (to the original material)

- People are the primary attack vector around the world. (to the original material)

- Cybersecurity is driving digital transformation in alternative investment institutions. (to the original material)

- New RedAlert Ransomware targets Windows, Linux VMware ESXi servers. (to the original material)

- NPM supply-chain attack impacts hundreds of websites and apps. (to the original material)

- Microsoft quietly fixes ShadowCoerce Windows NTLM Relay bug. (to the original material)

- API security grows more critical, even as organizations lack means to address the risk. (to the original material)

- NIST unveils four algorithms that will underpin new ‘quantum-proof’ cryptography standards. (to the original material)

- University recovers 2019 ransom to find value of cryptocurrency skyrocketed. (to the original material)

- What is DAST, and how it can improve web application security. (to the original material)

- What Log4Shell taught us about application security, and how to respond now. (to the original material)

- Defense Department testing paid bug bounty program this week. (to the original material)

- Google patches fourth Chrome zero-day this year. (to the original material)

- Researcher Spotlight: Around the security world and back again with Nick Biasini. (to the original material)

- U.S. data privacy regulation advances. (to the original material)

- Top 5 most common WordPress malware infections: An anatomy lesson. (to the original material)

- Hackers invade British Army's social media accounts. (to the original material)

- EFF statement on EU Parliament’s adoption of digital services act and digital markets act. (to the original material)

- US Government Picks Quantum-Resistant Encryption Algorithms. (to the original material)

- Django Software Foundation Patches High-Severity Bug. (to the original material)

- Unknown Hacker Steals Data of 1 Billion Chinese Citizens. (to the original material)

- The Human Factor 2022. (to the original material)

- Vendor's Ransomware Attack Hits Over 600 Healthcare Clients. (to the original material)

- How Machine Learning Is Changing Access Monitoring. (to the original material)

04.07.2022 - News from cyber security.

- Vulnerability summary for the Week of June 27, 2022. (to the original material)

- Is the UK government prepared for its greatest threat? (to the original material)

- Malicious activities insiders perform in enterprise applications. (to the original material)

- 69% of employees need to deal with more security measures in a hybrid work environment. (to the original material)

- AstraLocker ransomware shuts down and releases decryptors. (to the original material)

- Google patches new Chrome zero-day flaw exploited in attacks. (to the original material)

- Hacker claims to have stolen data on 1 billion Chinese citizens. (to the original material)

- UK Army’s Twitter, YouTube accounts hacked to push crypto scam. (to the original material)

- Django fixes SQL Injection vulnerability in new releases. (to the original material)

- Popular Django web framework affected by a SQL Injection flaw. Upgrade it now! (to the original material)

- Unfaithful HackerOne employee steals bug reports to claim additional bounties. (to the original material)

- Threat Report Portugal: Q2 2022. (to the original material)

- CISA orders federal agencies to patch CVE-2022-26925 by July 22. (to the original material)

- NATO to develop rapid cyber response capabilities. (to the original material)

- #HowTo: Plug data leaks. (to the original material)

- British Army Social Media accounts hijacked. (to the original material)

- ICO set to scale back public sector fines. (to the original material)

- HackerOne insider defrauded customers. (to the original material)

- Hackers claim police information stolen in China’s biggest data breach. (to the original material)

- Zero-day flaw in Atlassian Confluence exploited in the wild since May. (to the original material)

- SolarWinds creates new software build system in wake of Sunburst attack. (to the original material)

- The Best & Worst States in America for online privacy. (to the original material)

- Russian hackers target private Ukrainian energy firm. (to the original material)

- Australian businesses lose $227 million to BEC-like scams. (to the original material)

- Evervault is offering free encryption services to women's health apps. (to the original material)

- US, Israel Initiate Cybersecurity Collaboration Program. (to the original material)

- Constant Vigilance Demanded - Cyber 'Not Just Another Risk'. (to the original material)

03.07.2022 - News from cyber security.

- Privacy protection agency seizes servers of hacked travel company. (to the original material)

- Free smartphone stalkerware detection tool gets dedicated hub. (to the original material)

- Microsoft Defender adds network protection for Android, iOS devices. (to the original material)

- Tens of Jenkins plugins are affected by zero-day vulnerabilities. (to the original material)

- Microsoft: Raspberry Robin worm already infected hundreds of networks. (to the original material)

- Security Affairs newsletter Round 372 by Pierluigi Paganini. (to the original material)

- Half of actively exploited zero-day issues in H1 2022 are variants of previous flaws. (to the original material)

- Businesses unprepared to deal with ransomware. (to the original material)

- Why a people-centric culture is critical to security, growth and transformation [Q&A]. (to the original material)

02.07.2022 - News from cyber security.

- Rogue HackerOne employee steals bug reports to sell on the side. (to the original material)

- Verified Twitter accounts hacked to send fake suspension notices. (to the original material)

- Microsoft finds Raspberry Robin worm in hundreds of Windows networks. (to the original material)

- The role of Social Media in modern society – Social Media Day 22 interview. (to the original material)

- Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool. (to the original material)

- A ransomware attack forced publishing giant Macmillan to shuts down its systems. (to the original material)

- ATC Healthcare, Community of Hope, The People Concern disclose breaches, Advocates notifies more people of its breach. (to the original material)

- Evilnum hacking group updates TTPs targeting Fintech. (to the original material)

01.07.2022 - News from cyber security.

- CISA adds one known exploited vulnerability to Catalog. (to the original material)

- New infosec products of the week: July 1, 2022. (to the original material)

- Product showcase: Group-IB Unified Risk Platform. (to the original material)

- The challenges and advantages of building behavior-based threat detection. (to the original material)

- Infosec products of the month: June 2022. (to the original material)

- Flagstar Bank breach another example of hacker threat to financial sector. (to the original material)

- Three tips for sharpening up DNS integrity. (to the original material)

- A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers. (to the original material)

- Pro-Russian hackers launched a massive DDoS attack against Norway. (to the original material)

- Trust key to space travel, like cybersecurity, says astronaut Tim Peake. (to the original material)

- C-Suite ignoring Smart Factory Cyber-Threats. (to the original material)

- Researchers warn of teen hacking group on Discord. (to the original material)

- Santander warns of 87% surge in Celeb crypto scams. (to the original material)

- Zoho ManageEngine ADAudit Plus bug gets public RCE exploit. (to the original material)

- The Week in Ransomware - July 1st 2022 - Bug Bounties. (to the original material)

- CISA orders agencies to patch Windows LSA bug exploited in the wild. (to the original material)

- Microsoft updates Azure AD with support for temporary passcodes. (to the original material)

- Jenkins discloses dozens of zero-day bugs in multiple plugins. (to the original material)

- Mitre releases ATT&CK search extension for Chrome. (to the original material)

- What is MITRE Engenuity ATT&CK? (to the original material)

- SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide. (to the original material)

- Microsoft spots updated cryptomining malware tool targeting Linux systems. (to the original material)

- What law firms need to know about cybersecurity. (to the original material)

- Is Cyber Insurance exacerbating the ransomware crisis?. (to the original material)

- New 'SessionManager' backdoor targeting Microsoft Exchange Servers worldwide. (to the original material)

- Threat actor claims responsibility for IBM and Stanford University hack. (to the original material)

- Professional Finance Company, Inc. is providing breach notifications to patients of 663 covered entities. (to the original material)

- Iranian hackers leak info of over 300,000 Israelis from tourism sites. (to the original material)

- CISA Alert (AA22-181A): MedusaLocker. (to the original material)

- UPDATE: Michigan Avenue Immediate Care in Chicago submits notification concerning 2021 cyberattack. (to the original material)

- Alameda Health System’s second breach went undetected by investigators of first breach? (to the original material)

- Criminals use deepfake videos to interview for remote work. (to the original material)

- DragonForce Malaysia releases LPE exploit, threatens ransomware. (to the original material)

- ICYMI: A Microsoft warning, Follina, Atlassian, and more. (to the original material)

- When it comes to SBOMs, do you know the ingredients in your ingredients? (to the original material)

- OpenSea NFT Marketplace faces insider hack. (to the original material)

- Microsoft going big on identity with the launch of Entra. (to the original material)

- Interview with Mathieu Gorge – VigiTrust. (to the original material)

- US DOJ targets Baller Ape Rug Pull and other crypto fraud. (to the original material)

- Indian Stock Exchanges have 6 hours to report cyber incident. (to the original material)

- ISMG Editors: Russia's war has changed the cyber landscape. (to the original material)

- Malware disrupts multiple US State unemployment websites. (to the original material)

- Poor patching creates easy zero-day vulnerability reuse. (to the original material)

- Atlassian patches Jira server plugin to fix vulnerability. (to the original material)

- Wegmans’ $400,000 fine for exposed customer data should leave all retailers on high alert. (to the original material)

- Moody’s says Costa Rican response shows ‘resilience’ of sovereign governments to ransomware. (to the original material)


Archive:

Click here to access archive content.

Source:

Click here to access to documentation sources.

Note Dorin M.

This site has a double form, one in HTML and one in Joomla (if you are interested in the utility behind this effort you can read the "Why  a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.

Dorin M - July 31, 2022


Thank you for your visit!

Whenever you consider that it "worth", I expect you with feedback, comments or donations in
the account RO95BRDE090SV31723640900 opened at "BRD-Groupe Société Générale" S.A. Romania or
Paypal donation (using the button below)

or on Patreon (using the button below).

Become a Patron!