Category: daily summary

IT Security News Daily Summary 2024-06-01

Ticketmaster confirms data breach impacting 560 million customers Ticketmaster confirms customer data breach Snowflake denies breach, blames data theft on poorly secured customer accounts Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin…

IT Security News Daily Summary 2024-05-31

US senator claims UnitedHealth’s CEO, board appointed ‘unqualified’ CISO Hacked, leaked, exposed: Why you should never use stalkerware apps Friday Squid Blogging: Baby Colossal Squid International Malware Takedown Seized 100+ Servers Exposed and vulnerable: Recent attacks highlight critical need to…

IT Security News Daily Summary 2024-05-30

Proofpoint’s CISO 2024 Report: Top Challenges Include Human Error & Risk Trump Guilty On All 34 Felony Counts What is extortionware? How does it differ from ransomware? CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its…

IT Security News Daily Summary 2024-05-29

‘Largest Botnet Ever’ Tied to Billions in Stolen Covid-19 Relief Funds A Plan to Protect Critical Infrastructure from 21st Century Threats How to converge networking and security teams: Key steps Multi-day DDoS storm batters Internet Archive Chinese EVs – and…

IT Security News Daily Summary 2024-05-28

Treasury Sanctions Creators of 911 S5 Proxy Botnet Spyware maker pcTattletale shutters after data breach pcTattleTale spyware leaks database containing victim screenshots, gets website defaced Important Security Update – Stay Protected Against VPN Information Disclosure (CVE-2024-24919) Elon Musk and Yann…

IT Security News Daily Summary 2024-05-27

Sav-Rx data breach impacted over 2.8 million individuals Jumpstart your studies for ENNA with Network Assurance Prep Analysis of BloodAlchemy Malware: A New Evolution of Deed RAT Alert: Google Chrome Zero-Day Patch Fixes Critical Flaw City of Helsinki Data Breach:…

IT Security News Daily Summary 2024-05-26

Becoming Resilient to The Cyber Incidents of Today And Tomorrow Shut the back door: Understanding prompt injection and minimizing risk Anatomy Of an Endpoint Attack: How A Cyberattack Can Compromise an Enterprise Network CERT-UA warns of malware campaign conducted by…

IT Security News Daily Summary 2024-05-25

USENIX Security ’23 – Network Detection of Interactive SSH Impostors Using Deep Learning The modern CISO: Scapegoat or value creator? Grab the best weatherproof Wyze Cam alternative for just $40 this Memorial Day right now Spyware app pcTattletale was hacked…

IT Security News Daily Summary 2024-05-24

An XSS flaw in GitLab allows attackers to take over accounts ShrinkLocker Ransomware Leverages BitLocker for File Encryption Suspected supply chain attack backdoors courtroom recording software Cyber Security Today, Week in Review for week ending May 24, 2024 USENIX Security ’23…

IT Security News Daily Summary 2024-05-23

Efficient Document Merging Strategies for Professionals Here’s yet more ransomware using BitLocker against Microsoft’s own users Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks Compromised courtroom recording software was served from vendor’s official site The SEC slaps NYSE’s parent company…

IT Security News Daily Summary 2024-05-22

Microsoft Build 2024: Copilot AI Will Gain ‘Personal Assistant’ and Custom Agent Capabilities New APT Group “Unfading Sea Haze” Hits Military Targets in South China Sea How to find out if an AirTag is tracking you USENIX Security ’23 –…

IT Security News Daily Summary 2024-05-21

5 Mitre ATT&CK framework use cases Cybersecurity or Cyber Resilience: Which Matters More? Using Open-Souce and Built-In Tools for Supply Chain Validation The best VPN trials of 2024: Expert tested and reviewed Facebook Joins New Anti-Scam Coalition To Fight Financial…

IT Security News Daily Summary 2024-05-19

USENIX Security ’23 – Guarding Serverless Applications with Kalium Why data breaches have become ‘normalized’ and 6 things CISOs can do to prevent them Cybercriminals Exploit Windows Quick Assist in Latest Ransomware Campaign Deepfakes and AI’s New Threat to Cyber…

IT Security News Daily Summary 2024-05-18

How Attackers Distribute Malware to Foxit PDF Reader Users An attorney says she saw her library reading habits reflected in mobile ads. That’s not supposed to happen Quantum Navigation Systems: Safeguarding Against GPS Spoofing Capture the CISO Finals – Season…

IT Security News Daily Summary 2024-05-17

Balancing generative AI cybersecurity risks and rewards Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds Feds Bust N. Korean Identity Theft Ring Targeting US Firms Three cuffed for ‘helping North Koreans’ secure remote IT jobs in America…

IT Security News Daily Summary 2024-05-16

Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year CrowdStrike launches advanced SIEM to power the AI-native SOC at RSAC 2024 Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™…

IT Security News Daily Summary 2024-05-15

Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​ Notorious data leak site BreachForums seized by law enforcement 15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers Microsoft is again named a Leader…

IT Security News Daily Summary 2024-05-14

Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​ UnitedHealth, Ascension Attacks Feed Debate Over Health Care Security Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for…

IT Security News Daily Summary 2024-05-13

Vulnerability Summary for the Week of May 6, 2024 Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​ Facebook Users Complain About Mass Tagging Attacks Microsoft is again named a Leader…

IT Security News Daily Summary 2024-05-12

Ransomware negotiator weighs in on the extortion payment debate with El Reg Dell API Abused to Steal 49 Million Customer Records in Data Breach Pro-Russia hackers targeted Kosovo’s government websites USENIX Security ’23 – GigaDORAM: Breaking the Billion Address Barrier…

IT Security News Daily Summary 2024-05-11

Ohio Lottery data breach impacted over 538,000 individuals Ascension Cyber Attack Heightens Focus on Healthcare Cybersecurity Measures Microsoft Introduces Innovative AI Model for Intelligence Analysis Critical infrastructure security will stay poor unless everyone pulls together USENIX Security ’23 – Don’t…

IT Security News Daily Summary 2024-05-10

The FBI is Playing Politics with Your Privacy New LLMjacking Attack Lets Hackers Hijack AI Models for Profit Nmap 7.95 Released: Enhanced Network Scanning with More OS and Service Detection Power Iran most likely to launch destructive cyber-attack against US…

IT Security News Daily Summary 2024-05-09

How to inspire the next generation of scientists | Cybersecurity podcast Ex-White House election threat hunter weighs in on what to expect in November The Road to CTEM, Part 1: The Role of Validation Recent Breaches in Israel and Iran:…

IT Security News Daily Summary 2024-05-08

Undersea cables are high-priority targets – it’s high time to make these global pathways more resilient IntelBroker Hacker Claims Breach of Top Cybersecurity Firm, Selling Access Facebook Accused Of Doing Nothing To Stop Taylor Swift Ticket Scams #RSAC: Three Strategies…

IT Security News Daily Summary 2024-05-07

Brandywine Realty Trust says data stolen in ransomware attack Law enforcement agencies identified LockBit ransomware admin and sanctioned him Google Continues Mixing Generative AI into Cybersecurity RSAC: Decoding US Government Plans to Shift the Software Security Burden INFRAM24: Measuring your…

IT Security News Daily Summary 2024-05-06

Police resurrect LockBit’s site and troll the ransomware gang The waterproof Blink Mini 2 is the best Wyze Cam alternative available SSPM vs. CSPM: What’s the difference? Colorado Passes Law To Stop Facebook From Reading Your Thoughts Vulnerability Recap 5/6/24…

IT Security News Daily Summary 2024-05-05

USENIX Security ’23 – A Bug’s Life: Analyzing the Lifecycle and Mitigation Process of Content Security Policy Bugs – Distinguished Paper Award Winner Don’t Overlook the Cyber Risks for Operational Technology Lineaje Tackles Open-Source Management with New Solution The Quantum…

IT Security News Daily Summary 2024-05-04

Pay up, or else? – Week in security with Tony Anscombe Facial Recognition System Breach Sparks Privacy Concerns in Australia DropBox E-Signature Breach Exposes Customer Data A Mind at Play: Rediscovering Minesweeper in the Professional Arena Dating apps kiss’n’tell all…

IT Security News Daily Summary 2024-05-03

Breaking down Microsoft’s pivot to placing cybersecurity as a top priority You get a passkey, you get a passkey, everyone should get a passkey Healthcare Needs To Be Laser-Focused on API Security and Its Blind Spots Dangerous Militia Groups Are…

IT Security News Daily Summary 2024-05-02

Tips and stories for your team on World Password Day Florida man gets 6 years behind bars for flogging fake Cisco kit to US military Pro-Russia hackers target critical infrastructure in North America and Europe Dropbox Sign customer data accessed…

IT Security News Daily Summary 2024-05-01

United HealthCare CEO says ‘maybe a third’ of US citizens were affected by recent hack Red Hat’s latest enterprise Linux delivers new features to tackle hybrid-cloud complexity remote access United HealthCare CEO says ‘maybe a third’ of U.S. citizens were…

IT Security News Daily Summary 2024-04-30

USENIX Security ’23 – Sherlock on Specs: Building LTE Conformance Tests through Automated Reasoning UnitedHealth CEO: ‘Decision to pay ransom was mine’ FCC Fines Verizon, AT&T and T-Mobile for Sharing User Location Data 5 Steps to Make Zero Trust Achievable…

IT Security News Daily Summary 2024-04-29

FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data Vulnerability Recap 4/29/24 – Cisco, Microsoft, Palo Alto & More Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023 Congress Should Just Say No…

IT Security News Daily Summary 2024-04-28

ICICI Bank exposed credit card data of 17000 customers USENIX Security ’23 – SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes Hackers Claim to Have Infiltrated Belarus’ Main Security Service Deceptive npm Packages Employed to Deceive Software Developers into…

IT Security News Daily Summary 2024-04-27

USENIX Security ’23 – Beyond Typosquatting: An In-depth Look at Package Confusion Godfather Banking Trojan Multiplies, Spreading to 1.2K Variants in 57 Nations Hackers may have accessed thousands of accounts on the California state welfare platform Here’s How NFTs Can…

IT Security News Daily Summary 2024-04-26

Security review for Microsoft Edge version 124 USENIX Security ’23 – UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware Facebook Blasted By Regulators For Holding Onto Sensitive User Data For Too Long Kaiser Permanente handed over 13.4M people’s data…

IT Security News Daily Summary 2024-04-25

Ring dinged for $5.6M after, among other claims, rogue insider spied on ‘pretty girls’ AeroNet Wireless Launches 10Gbps Internet Plan: A Landmark Moment in Puerto Rico’s Telecommunications Industry Rubrik’s shares end trading up almost 16% on the company’s public debut…

IT Security News Daily Summary 2024-04-24

IBM Cyber Security Report 2024 – New Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks IBM Cyber Security Report: Unveiling the Evolving Threat Landscape Driving fast or braking hard? Your connected car may be…

IT Security News Daily Summary 2024-04-23

Google ad for Facebook redirects to scam HHS Strengthens Privacy of Reproductive Health Care Data Dutch Government Might Leave Facebook Over Privacy Concerns $10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors North Korea-linked APT…

IT Security News Daily Summary 2024-04-22

Facebook AI Makes Creepy Comment That It Has A Gifted, Disabled Child Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw U.S. Senate and Biden Administration Shamefully Renew and Expand FISA Section 702, Ushering in a Two Year…

IT Security News Daily Summary 2024-04-21

Akira ransomware received $42M in ransom payments from over 250 victims DuneQuixote campaign targets the Middle East with a complex backdoor Cyberattackers Employ Elusive “CR4T” Backdoor to Target Middle Eastern Governments New AI Speed Cameras Record Drivers on Their Phones…

IT Security News Daily Summary 2024-04-20

What is Mobile Application Security Testing? Explained USENIX Security ’23 – PrivGraph: Differentially Private Graph Data Publication by Exploiting Community Information A French hospital was forced to reschedule procedures after cyberattack GenAI Presents a Fresh Challenge for SaaS Security Teams…

IT Security News Daily Summary 2024-04-19

Your Android phone could have stalkerware — here’s how to remove it Friday Squid Blogging: Squid Trackers Google Consolidates DeepMind And AI Research Teams Sacramento airport goes no-fly after AT&T internet cable snipped More on the PAN-OS CVE-2024-3400 PRODUCT REVIEW:…

IT Security News Daily Summary 2024-04-18

‘ASTORS’ Champion Adds Passphrase Generator to Keeper Web Vault Two Years Post-Roe: A Better Understanding of Digital Threats Vulnerabilities for AI and ML Applications are Skyrocketing Data Matters ? The Value of Visibility in API Security What to Consider When…

IT Security News Daily Summary 2024-04-17

Facebook’s Controversial “Consent Or Pay” Privacy Model Officially Shot Down Should you share your location with your partner? Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression Big Tech Says Spy Bill Turns Its Workers Into Informants Kremlin’s Sandworm blamed…

IT Security News Daily Summary 2024-04-16

Palo Alto Networks GlobalProtect exploit public and widely exploited CVE-2024-3400, (Tue, Apr 16th) Simeio Returns to Compete in 2024 ‘ASTORS’ Awards with Simeio OI ShadowRay Vulnerability: 6 Lessons for AI & Cybersecurity MGM says FTC can’t possibly probe its ransomware…

IT Security News Daily Summary 2024-04-15

4 types of cloud security tools organizations need in 2024 Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits Cisco Duo warns telephony supplier data breach exposed MFA SMS logs D3 Security at RSAC 2024: Streamline Your Security Operations with…

IT Security News Daily Summary 2024-04-14

Facebook Testing Tools To Auto-Blur Nudity In Teens’ DMs Deciphering Metrics: From NCAA Women’s Basketball to Cyber Trends USENIX Security ’23 – How to Bind Anonymous Credentials to Humans Apple Alerts iPhone Users of ‘Mercenary Attack’ Threat Canadian retail chain…

IT Security News Daily Summary 2024-04-13

Crooks manipulate GitHub’s search results to distribute malware ISC Stormcast For Sunday, April 14th, 2024 https://isc.sans.edu/podcastdetail/8938, (Sat, Apr 13th) What is Web Application Security Testing? BatBadBut flaw allowed an attacker to perform command injection on Windows Offensive Security Necessitates a…

IT Security News Daily Summary 2024-04-12

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls Rust gets security fix for Windows vulnerability Pros and cons of 7 breach and attack simulation tools Roku disclosed a new security breach impacting 576,000 accounts Google One VPN axed…

IT Security News Daily Summary 2024-04-11

2024 Cybersecurity Excellence Awards – Extended Deadline Locking down container security once and for all with Rust-based Edera DuckDuckGo’s Privacy Pro bundles a VPN with personal data removal and identity theft restoration Why CISA is Warning CISOs About a Breach…

IT Security News Daily Summary 2024-04-10

fraud detection Maryland State Passes Two Major Privacy Bills To Stop Facebook Data Gathering Trump Loyalists Kill Vote on US Wiretap Program AT&T states that the data breach impacted 51 million former and current customers It’s 2024 and Intel silicon…

IT Security News Daily Summary 2024-04-09

Is My VPN Working? How to Test for VPN Leaks VERT Threat Alert: April 2024 Patch Tuesday Analysis April’s Patch Tuesday Brings Record Number of Fixes Section 702: The Future of the Biggest US Spy Program Hangs in the Balance…

IT Security News Daily Summary 2024-04-08

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people Hashicorp Versus OpenTofu Gets Ugly US insurers use drone photos to deny home insurance policies Facebook Accused Of Censoring Small Newspaper That Criticized It Leveraging Cloud Native Technologies in…

IT Security News Daily Summary 2024-04-07

A Breakthrough Online Privacy Proposal Hits Congress Conn. CISO Raises Security Concerns Over BadGPT, FraudGPT Privnote Secure Messaging App Is Under Phishing Threat US Environmental Protection Agency Allegedly Hacked, 8.5M User Data Leaked The Growing Threat of Remote Desktop Protocol…

IT Security News Daily Summary 2024-04-06

US Cancer Patient Data Breach Affected 800000 Patients Records Insights into Recent Malware Attacks: Key Learnings and Prevention Strategies AI Developed to Detect Invasive Asian Hornets More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894 Bing Ad Posing…

IT Security News Daily Summary 2024-04-05

Magento flaw exploited to deploy persistent backdoor hidden in XML Friday Squid Blogging: SqUID Bots Salt Security Applies Generative AI to API Security Anyscale addresses critical vulnerability on Ray framework — but thousands were still exposed Beware the Blur: Phishing…

IT Security News Daily Summary 2024-04-04

Google survey: 63% of IT and security pros believe AI will improve corporate cybersecurity The Power of AI Assistants and Advanced Threat Detection 2024-04-04: Koi Loader/Stealer activity Google Patches Pixel Phone Zero-days After Exploitation by Ransomware attacks ravaged municipal governments…

IT Security News Daily Summary 2024-04-03

Google addressed another Chrome zero-day exploited at Pwn2Own in March Smart Traffic Signals Security in the Era of AI and Smart Cars Google patches critical vulnerability for Androids with Qualcomm chips Want to keep getting Windows 10 updates next year?…

IT Security News Daily Summary 2024-04-02

3 UK Cyber Security Trends to Watch in 2024 How to Escape the 3 AM Page as a Kubernetes Site Reliability Engineer A Deep Dive on the xz Compromise Defending against IoT ransomware attacks in a zero-trust world Open source…

IT Security News Daily Summary 2024-04-01

Banks in Singapore begin sharing data to combat financial crime The Incognito Mode Myth Has Fully Unraveled 2024 State of Malware in Education report: Top 6 cyberthreats facing K-12 and Higher Ed Malicious xz backdoor reveals fragility of open source…

IT Security News Daily Summary 2024-03-31

PyPI Halts New User Registrations to Combat Malware Campaign XZ Utils backdoor update: Which Linux distros are affected and what can you do? Checking CSV Files, (Sun, Mar 31st) Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION…

IT Security News Daily Summary 2024-03-30

Understanding and Mitigating the Fedora Rawhide Vulnerability (CVE-2024-3094) Lateral Movement in Cybersecurity: Sneaking Sideways Through a Network Technologist Versus Spy: The xz Backdoor Debate AT&T Says PII From 73 Million Account Holders Leaked Onto Dark Web Expert found a backdoor…

IT Security News Daily Summary 2024-03-29

Malicious backdoor sneaks into xz, Linux world’s data compression library and tool U.S. Supreme Court Does Not Go Far Enough in Determining When Government Officials Are Barred from Censoring Critics on Social Media Easy-to-use make-me-root exploit lands for recent Linux…

IT Security News Daily Summary 2024-03-28

SydeLabs raises $2.5M seed to develop an intent-based firewall guard for AI New iMessage Phishing Campaign Targets Postal Service Users Globally Activision investigating password-stealing malware targeting game players Go Big & Go Chrome: Strengthen Cybersecurity in Education, the Enterprise &…

IT Security News Daily Summary 2024-03-27

Apple fans flooded with phony password reset requests ​​Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, 2024 ​​Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, 2024…

IT Security News Daily Summary 2024-03-26

TheMoon bot infected 40,000 devices in January and February ​​Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, 2024 The foundation for responsible analytics with Microsoft Purview Facebook snooped on users’ Snapchat traffic in…

IT Security News Daily Summary 2024-03-25

Chinese nationals charged with cyber-spying on US biz and more for Beijing Constella and Social Links Join Forces to Deliver Transformative OSINT Solutions How to Get the Most From Your Secrets Scanning CISA adds FortiClient EMS, Ivanti EPM CSA, Nice…

IT Security News Daily Summary 2024-03-24

Some 300,000 IPs vulnerable to this Loop DoS attack Controversy Surrounds Flipper Zero Amid Car Theft Concerns Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION USENIX Security ’23 – Jinwen Wang, Yujie Wang, Ao Li, Yang Xiao,…

IT Security News Daily Summary 2024-03-23

Windows Server 2012 / 2012 R2 End of Life – Here’s How to Secure your Legacy Servers Russia-linked APT29 targeted German political parties with WINELOADER backdoor Will AI augment or annex cybersecurity jobs? Cyber Extortion Stoops Lowest: Fake Attacks, Whistleblowing,…

IT Security News Daily Summary 2024-03-22

Unsaflok flaws allow to open millions of doors using Dormakaba Saflok electronic locks Chinese snoops use F5, ConnectWise bugs to sell access into top US, UK networks Empowering Developers With Scalable, Secure, and Customizable Storage Solutions Chinese snoops use F5,…

IT Security News Daily Summary 2024-03-21

Role-Based Multi-Factor Authentication Transforming communities, one drop of water at a time Critical Fortinet’s FortiClient EMS flaw actively exploited in the wild FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert Apple’s iMessage Encryption Puts Its Security…

IT Security News Daily Summary 2024-03-20

Users say Glassdoor added real names to user profiles without their consent OpenAI’s GPT store is brimming with promise – and spam The best VPN routers of 2024 How to defend against phishing as a service and phishing kits Introducing…

IT Security News Daily Summary 2024-03-19

This Acoustic Side-Channel Attack Steals Keystrokes Via Typing Patterns Pro Players Hacked Live On Stream! Apex Legends Tournament Postponed Pokemon resets some users passwords after hacking attempts Ukraine cyber police arrested crooks selling 100 million compromised accounts Daniel Stori’s ‘I’m…

IT Security News Daily Summary 2024-03-18

Mintlify says customer GitHub tokens exposed in data breach Don’t be like these 900+ websites and expose millions of passwords via Firebase PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released Fujitsu Scrambles After Malware Attack: Customer…

IT Security News Daily Summary 2024-03-17

Threat actors leaked 70,000,000+ records allegedly stolen from AT&T USENIX Security ’23 – Tanusree Sharma, Zhixuan Zhou, Andrew Miller, Yang Wang – A Mixed-Methods Study Of Security Practices Of Smart Contract Developers 10 Takeaways from the 2024 Gartner IAM Summit…

IT Security News Daily Summary 2024-03-15

Navigating Certificate Lifecycle Management (CLM) and Mobile Device Management (MDM) With an Effective PKI Solution 5 Best VPNs for Travel in 2024 (Free & Paid VPNs) Simplify DNS Policy Management With New Umbrella Tagging APIs Satellites for quantum communications Lawmakers…

IT Security News Daily Summary 2024-03-14

​​Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 Recent DarkGate campaign exploited Microsoft Windows zero-day Making the Law Accessible in Europe and the USA JetBrains, Rapid7 clash over vulnerability disclosure policies CEO of Data…

IT Security News Daily Summary 2024-03-13

Feds seek attestation on secure software Malwarebytes Premium blocks 100% of malware during external AVLab test Facebook VR Headsets Are Vulnerable To “Inception-Style” Hack Edgeless Systems Brings Confidential Computing to AI LockBit Affiliate Sentenced to 4 Years in Canada, Faces…

IT Security News Daily Summary 2024-03-12

Congress Must Stop Pushing Bills That Will Benefit Patent Trolls Tweaks Stealer Targets Roblox Users Through YouTube and Discord Microsoft Patch Tuesday security updates for March 2024 fixed 59 flaws Sophos: Remote ransomware attacks on SMBs increasing Facebook And Instagram…

IT Security News Daily Summary 2024-03-11

Understanding the basics of Windows 365 Government Four things we learned when US spy chiefs testified to Congress Kremlin accuses America of plotting cyberattack on Russian voting systems Data brokers admit they’re selling information on precise location, kids, and reproductive…

IT Security News Daily Summary 2024-03-10

Are We Experiencing the End of Biometrics? OWASP Mobile Top 10 Lists For 2024 GenAI Regulation: Why It Isn’t One Size Fits All Apple iOS and iPadOS Memory Corruption Vulnerabilities: A Critical Alert USENIX Security ’23 – Jialai Wang, Ziyuan…

IT Security News Daily Summary 2024-03-09

Hacker Claims Breaching US Federal Contractor Acuity, Selling ICE, USCIS Data Seamless Integration: Connecting AWS Lambda to RDS and Writing Data Effortlessly CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog Safeguarding the Code That Drives Modern Vehicles…

IT Security News Daily Summary 2024-03-08

Friday Squid Blogging: New Plant Looks Like a Squid Four Reasons to Protect the Internet this International Women’s Day Four Infosec Tools for Resistance this International Women’s Day Four Actions You Can Take To Protect Digital Rights this International Women’s…

IT Security News Daily Summary 2024-03-07

2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023 We’re not Meta support: State AGs tell Zuck to fix rampant account takeover problem Victory! EFF Helps Resist Unlawful Warrant and Gag Order Issued to Independent News…

IT Security News Daily Summary 2024-03-06

Healthcare Groups Push for Help in Wake of Ransomware Attack on Change A Comprehensive Guide To Prototyping PCB Assembly FBI: Critical infrastructure suffers spike in ransomware attacks How NIST CSF 2.0 Can Help Schools USENIX Security ’23 – Wai Man…

IT Security News Daily Summary 2024-03-05

VMware urgent updates addressed Critical ESXi Sandbox Escape bugs Self-Replicating AI Malware is Here😱 #ComPromptMized Executive leadership changes to drive innovation, simplicity, and growth Self-Replicating AI Malware is Here😱 #ComPromptMized Report Uncovers Massive Sale of Compromised ChatGPT Credentials Self-Replicating AI…

IT Security News Daily Summary 2024-03-04

Epic Games ‘hackers’ admit threat of leak was phony Voting No on Prop E Is Easy and Important for San Francisco Secure Your API With These 16 Practices With Apache APISIX (Part 2) White House Recommends Memory-Safe Programming Languages and…

IT Security News Daily Summary 2024-03-03

USENIX Security ’23 – Liang Niu, Shujaat Mirza, Zayd Maradni, Christina Pöpper – CodexLeaks: Privacy Leaks from Code Generation Language Models in GitHub Copilot 8 Tips To Protect Your Organization in the Evolving SaaS Landscape 4 strategies data-driven CISOs need…

IT Security News Daily Summary 2024-03-02

USENIX Security ’23 – Log: It’s Big, It’s Heavy, It’s Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android Ecosystem Microsoft Copilot for Finance: Transforming Financial Workflows with AI Precision GitHub Vulnerability Exposes Millions to RepoJacking…

IT Security News Daily Summary 2024-03-01

NIST Cybersecurity Framework: A Cheat Sheet for Professionals Friday Squid Blogging: New Extinct Species of Vampire Squid Discovered Air National Guardsman Teixeira to admit he was Pentagon files leaker USENIX Security ’23 – Vivek Nair, Dawn Song – Multi-Factor Key…

IT Security News Daily Summary 2024-02-29

Fulton County, Security Experts Call LockBit’s Bluff Researchers found a zero-click Facebook account takeover ALPHV Blackcat, GCP-Native Attacks, Bandook RAT, NoaBot Miner, Ivanti Secure Vulnerabilities, and More: Hacker’s Playbook Threat Coverage Round-up: February 2024 A leaky database spilled 2FA codes…

IT Security News Daily Summary 2024-02-28

Speedify VPN Free vs. Premium: Which Plan Is Right For You? Best Secure Access Service Edge Platforms in 2024 High-risk open source vulnerabilities on the rise, Synopsys reports Wireless and the CiscoLive Network Operations Center Navigating the Waters of Generative…

IT Security News Daily Summary 2024-02-27

USENIX Security ’23 – ClepsydraCache – Preventing Cache Attacks with Time-Based Evictions Synopsys Report Exposes Extent of Open Source Software Security Risks Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs EFF to D.C. Circuit: The U.S. Government’s…

IT Security News Daily Summary 2024-02-26

Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024 Malicious Packages in npm, PyPI Highlight Supply Chain Threat From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin Nevada sues to deny kids access…

IT Security News Daily Summary 2024-02-25

Safeguarding Children in the Era of Big Data Securing Space Infrastructure for US And Allied Collaboration Understand Cyber Insurance: Rising Risks and How to Right-Size Policies Cell Service Restored Following Extensive AT&T Outage A cyber attack hit the Royal Canadian…

IT Security News Daily Summary 2024-02-24

A Vending Machine Error Revealed Secret Face Recognition Tech White House Wades Into Debate on ‘Open’ Versus ‘Closed’ Artificial Intelligence Systems USENIX Security ’23 – Dawei Wang, Ying Li, Zhiyu Zhang, Kai Chen – CarpetFuzz: Automatic Program Option Constraint Extraction…

IT Security News Daily Summary 2024-02-23

Hackers Leak 2.5M Private Plane Owners’ Data Linked to LA Intl. Airport Breach Microsoft released red teaming tool PyRIT for Generative AI EFF Urges Ninth Circuit to Reinstate X’s Legal Challenge to Unconstitutional California Content Moderation Law February 2024 Web…

IT Security News Daily Summary 2024-02-22

Identify Weak Links in Your Application Stack – Part 2, Anomaly Detection Cyberattack downs pharmacies across America USENIX Security ’23 – Junjie Wang, Zhiyi Zhang, Shuang Liu, Xiaoning Du, Junjie Chen – FuzzJIT: Oracle-Enhanced Fuzzing for JavaScript Engine JIT Compiler…

IT Security News Daily Summary 2024-02-21

Discord took no action against server that coordinated costly Mastodon spam attacks Biden asks Coast Guard to create an infosec port in a stormy sea of cyber threats US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT…