IT Security News Daily Summary 2023-11-04

• Provocative Facebook Ads Leveraged to Deliver NodeStealer Malware

• DEF CON 31 – Tracy Mosley’s ‘War Stories – Nuthin’ But A G Thang Evolution of Cellular Networks’

• Google Completes Mobile-First Indexing After 7 Years

• AI’s Swift Impact on the IT Industry

• Meta Extends Ad-Free Facebook and Instagram Premium Access Worldwide

• DarkGate Using its New Variant MSI to Harm Your System

• Atlassian Warns of Critical Confluence Vulnerability Resulting in Data Loss

• Securing Cloud Infrastructure Demands a New Mindset

• Container Security Essentials: Vulnerability Scanning and Change Detection Explained

• Massive Surge in Security Breaches of Pensions Prompt Questions

• Simple Reminders to Conclude Cybersecurity Awareness Month

• Tripwire Patch Priority Index for October 2023

• Android’s new real-time app scanning aims to combat malicious sideloaded apps

• Fitmart – 214,492 breached accounts

• The Threat Is Real. MacOS Patching Keeps Your Apple Safe

• How To Break The Metrics Mirage in Vulnerability Management

• Privilege Overreach, the Lurking PAM Security Threat

• Silent Safeguards – The Essence of ISO 27001 Controls

• More ways for users to identify independently security tested apps on Google Play

• Qualified certificates with qualified risks

• Defense in depth: Layering your security coverage

• Kinsing threat actors probed the Looney Tunables flaws in recent attacks

• New Secaucus Point of Presence Increases Resilience for Financial Services

• Imperva customers are protected against CVE-2023-22518 in Confluence Data Center and Server

• Apache ActiveMQ Vulnerability Exploited as Zero-Day

• North Korean Hackers Use New ‘KandyKorn’ macOS Malware in Attacks

• In Other News: Airport Taxi Hacking, Post-Quantum Crypto Guidance, Stanford Breach

• Mortgage Giant Mr. Cooper Shuts Down Systems Following Cyberattack

• Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

• StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

• LEGO Marketplace BrickLink Hacked? Website Down Amid Unusual Activity

• American Airlines Pilot Union Hit with Ransomware

• This Cheap Hacking Device Can Crash Your iPhone With Pop-Ups

• Google Play Store Introduces ‘Independent Security Review’ Badge for Apps

• Okta’s Recent Customer Support Data Breach Impacted 134 Customers

• ‘Corrupt’ cop jailed for tipping off pal to EncroChat dragnet

• Eclypsium Platform Datasheet

• Phone Scammers Evolve: AI-Powered Voice Mimicry Poses New Threat

• Cyber Threat Intelligence Frameworks: What You Need to Know

• The mysterious demise of the Mozi botnet – Week in security with Tony Anscombe

• Cybersecurity: From Policies to Protection

• Russia’s 2nd-Largest Insurer Rosgosstrakh Hacked; 400GB of Data Sold Online

• To Improve Cyber Defenses, Practice for Disaster

• ZDI discloses four zero-day flaws in Microsoft Exchange

• IT Security News Daily Summary 2023-11-03

• Critical Atlassian Bug Exploit Now Available; Immediate Patching Needed

• DEF CON 31 Packet Hacking Village – Mike Raggo’s, Chet Hosmer’s ‘OSINT for Physical Security Intelligence’

• Threat Roundup for October 27 to November 3

• Whitelisting vs Blacklisting: How Are They Different?

• Ace Hardware Still Reeling From Weeklong Cyberattack

• Okta customer support system breach impacted 134 customers

• 81K people’s sensitive info feared stolen from Hilb after email inboxes ransacked

• Lazarus Group uses KandyKorn macOS malware for crypto theft

• The 12 best gifts for hackers in 2023

• Okta Customer Support Breach Exposed Data on 134 Companies

• Ex-GCHQ software dev jailed for stabbing NSA staffer

• EleKtra-Leak Campaign Uses AWS Cloud Keys Found on Public GitHub Repositories to Run Cryptomining Operation

• Cyber Security Today, Week in Review for the week ending Friday, Nov. 3, 2023

• 2023-11-02 – TA577 Pikabot activity

• What Is a VPN? Definition, How It Works, and More

• Tech Leader Says Facebook Lawsuits Will Rein It In Like Big Tobacco

• Somebody Just Killed the Mozi Botnet

• ‘KandyKorn’ macOS Malware Lures Crypto Engineers

• Thoughts on AI and Cybersecurity

• Empower Incident Response with Real-Time, Just-in-Time Alerts and Access

• Prolific Mozi Botnet Deliberately Shut Down with Kill Switch

• A cautionary tale: The tragic case of two Danish hosting firms who lost all their clients’ data

• QR Codes are a Security Blindspot

• Cisco Releases Security Advisories for Multiple Products

• 6 Steps to Accelerate Cybersecurity Incident Response

• 18 Software Development Trends and Predictions 2024

• Microsoft’s Secure Future Initiative Boosts Cybersecurity Against Advanced Attacks

• The Future of Encryption: Navigating Change with Crypto-Agility

• CISA Awards $3M in Funding for Cyber Education and Training of Next-Gen Cyber Leaders

• Top 5 Kubernetes Vulnerabilities – 2023

• Secrets Management Takes More Than Just Tools

• Apache ActiveMQ vulnerability used in ransomware attacks

• Responsible AI is built on a foundation of privacy

• Realize significant value with a true consumption model, increased performance, and comprehensive services

• Microsoft pins hopes on AI once again – this time to patch up Swiss cheese security

• Ransomware hits Infosys, Ace Hardware and Henry Schein

• Sam Bankman-Fried Found Guilty On All Charges

• Common Vulnerabilities and Exposures (CVE)

• SEC Sets New Disclosure Rules: Read How It Will Revolutionize Organization Cybersecurity

• How voice cloning is shaping the future of cybersecurity

• AI Safety Summit 2023: Musk Tells PM AI Will End Work

• Multiple WhatsApp mods spotted containing the CanesSpy Spyware

• SASE Success: Avoid Confusion and Embrace a Single-Vendor Solution

• VICTORY: Google WEI ‘Stealth DRM’ Plan is Dead (or is it?)

• 9 secure email gateway options for 2024

• Microsoft to Ramp AI and Automation in Security Overhaul

• PUMA Network: Unmasking a Cybercrime Empire

• Island names Matt Fairbanks as CMO and Ellen Roeckl as CCO

• Spyware Designed for Telegram Mods Also Targets WhatsApp Add-Ons

• PSA: Your chat and call apps may leak your IP address

• Ransomware Readiness Assessments: One Size Doesn’t Fit All

• Appdome partners with JetBrains to automate delivery of secure mobile apps

• 48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems

• CanesSpy Spyware Discovered in Modified WhatsApp Versions

• Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally

• NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads

• Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

• Healthcare Data Breaches Impact 88 Million Americans

• Getting to Know Zehra Hussain

• Considerations for Managing Digital Sovereignty: The Executive Perspective

• The President’s EO on AI – What it Does and Why it Won’t Work

• Hacker Threat: Israeli Police Advise Citizens not to Answer Unknown Calls

• SEC’s Legal Action Against SolarWinds and CISO Creates Uncertainty in Cybersecurity

• The FTC’s new Amendment Requires Financial Institutions to Report Security Breaches Within 30 Days

• Identiv Enterphone Mobile protects users against security breaches

• Oracle Enables MFA by Default on Oracle Cloud

• KandyKorn macOS malware lobbed at blockchain engineers

• Apple Disappoints As FY23 Results Decline

• Intuition and Curiosity Mix Well with Technology

• Russian FSB arrested Russian hackers who supported Ukrainian cyber operations

• What is an API Gateway? – Definition, Benefits and Limitations

• Machine Identity 101

• CISA Seeks Public Input for Supply Chain Security Improvements

• Why Online Privacy Protection is a Necessary Measure for Executives

• PagerDuty acquires Jeli to improve enterprise resilience

• Cyber Security Today, Nov. 3, 2023 – Hackers are after vulnerable Apache and Citrix products

• Microsoft launches new initiative to augment security

• UK AI Safety Institute: A Blueprint for the Future of AI?

• Hackers Hijacking Facebook Accounts with Malware via Facebook Ads

• New Common Vulnerability Scoring System (CVSS) v4.0 Released – What’s New!

• Accenture Acquires Leading Spanish Cybersecurity Firm Innotec Security

• New York Increases Cybersecurity Rules for Financial Companies

• UK data watchdog fines three text spammers for flouting electronic marketing rules

• Microsoft Takes on Cyber-Threats with New Secure Future Initiative

• Atlassian Finds Public Exploit for Critical Bug

• Aerospace Giant Boeing Confirms Cyber Compromise, LockBit Claims Responsibility

• HIPAA Updates and Changes in 2023: Here’s What You Need to Know

• DarkGate, Which Abused Microsoft Teams, Now Leverages MSI Files

• MuddyWater has been spotted targeting two Israeli entities

• Silicon UK Pulse: Your Tech News Update: Episode 25

• CVSS 4.0 standard has been released

• Multiple Cisco Services Engine Flaws Let Attackers Upload Arbitrary Files

• Palo Alto Networks acquires Dig Security n Accenture purchases Innotec Security

• What is data security posture management

• How cybercriminals adapt and thrive amidst changing consumer trends

• New infosec products of the week: November 3, 2023

• Healthcare’s road to redefining cybersecurity with modern solutions

• Financial organizations embrace automation for enhanced security

• AI is transforming financial crime compliance

• Locked and Loaded: Mastering Access Control in Your Business

• FTX crypto-villain Sam Bankman-Fried convicted on all charges

• How Smart SOAR Integrations are Built

Generated on 2023-11-04 23:55:46.514050