IT Security News Daily Summary 2023-11-14

• Fall back…into some good digital health habits

• Region 3 in Action

• Where Cybersecurity Starts in Region 2

• “Sopranos” Actors Say Fake Facebook Accounts Are Scamming Fans

• Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws

• VERT Threat Alert: November 2023 Patch Tuesday Analysis

• Red Hat: UK Leads Europe in IT Automation, But Key Challenges Persist

• Cryptocurrency wallets might be vulnerable to ‘Randstorm’ flaw

• Google Goes After Scammers Abusing Its Bard AI Chatbot

• OracleIV Emerges As A Dockerized DDoS Bot Agent

• Protected Virtual Machines Exposed To New CacheWarp AMD CPU Attack

• Intel Out-Of-Band Patch Addresses Privilege Escalation Flaw

• TETRA Encryption Algorithms To Enter Public Domain

• Millions Of Old Bitcoin Wallets Have Critical Security Flaws, Experts Say

• Danish critical infrastructure hit by the largest cyber attack in Denmark’s history

• Critical Authentication Bypass Flaw in VMware Cloud Director Appliance

• Microsoft Warns of Critical Bugs Being Exploited in the Wild

• Zero-Days in Edge Devices Become China’s Cyber Warfare Tactic of Choice

• Scraping-as-a-Service: How a Harmless Tool Became a Cyber Threat

• Microsoft discloses only three critical vulnerabilities in November’s Patch Tuesday update, three other zero-days

• 21 Vulnerabilities Discovered in Crucial IT-OT Connective Routers

• Hackers are exploiting ‘CitrixBleed’ bug in the latest wave of mass cyberattacks

• EFF Urges FTC to Address American Resellers of Malware on Android TV Set-Top Boxes

• Lacework Extends Security Reach Into Application Development

• ICBC Ransomware Attack – China’s Largest Bank Forced To Use USBs

• cardholder data environment (CDE)

• CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

• Understanding PDF Standards: What Developers Should Know

• TikTok bans explained: Everything you need to know

• AMD SEV OMG: Trusted execution undone by cache meddling

• UK Cybersecurity Center Says ‘Deepfakes’ and Other AI Tools Pose a Threat to the Next Election

• Zip Raises $7.7 Million to Expand SMB Cybersecurity Business

• Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack

• Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion

• Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #267 — The Ultimate Canvas

• Danish energy sector hit by a wave of coordinated cyberattacks

• Microsoft guidance regarding credentials leaked to GitHub Actions Logs through Azure CLI

• DHS Cybersecurity and Infrastructure Security Agency Releases Roadmap for Artificial Intelligence

• Intel out-of-band patch addresses privilege escalation flaw

• Bypassing API rate limiting using IP rotation in Burp Suite

• Pro-Palestinian TA402 APT Using IronWind Malware in New Attack

• Spring OAuth Server: Authenticate User With UserDetails Service

• Asian Americans Raise Alarm Over ‘Chilling Effects’ of Section 702 Surveillance Program

• AVEVA Operations Control Logger

• CISA Releases Two Industrial Control Systems Advisories

• The Power of LTE 450 for Critical Infrastructure

• To Address Online Harms, We Must Consider Privacy First

• MySQL Servers, Docker Hosts Infected With DDoS Malware

• RansomedVC Ransomware Group is Shutting Down and Selling Assets

• DirectDefense ThreatAdvisor 3.0 offers continuous security monitoring and management

• Python Package Index Faces Security Crisis With Validated Leaks

• Rockwell Automation SIS Workstation and ISaGRAF Workbench

• AIOps Drives Exceptional Digital Experience Through Network Assurance

• Speeding to Growth: Greater Together with Cisco Security

• Ransomware Roundup – NoEscape

• Illumio CloudSecure addresses attacks across hybrid and multi-cloud environments

• KasadaIQ for Fraud enables enterprises to predict and prevent account takeover

• 82% of Attacks Show Cyber-Criminals Targeting Telemetry Data

• Royal Ransom Demands Exceed $275M, Rebrand in Offing

• CISA Has a New Road Map for Handling Weaponized AI

• Put Your Skills to the Test in OffSec’s 2023 EOY CTF

• Closing the Talent Gap in Cybersecurity

• Kasada Introduces New Suite of Attack Prediction Services: KasadaIQ

• Lacework unifies code and cloud security

• India to make CyberShield mandatory for Vehicles

• Government Tells Delivery Apps To Tighten Account Controls

• Navigating the Terrain: GPT’s Journey into Malware Analysis

• New Synopsys Research Reveals a Decrease in Software Vulnerabilities

• Understanding Cold Boot Attacks: Is Defense Possible?

• YouTube Faces Struggle from EU Regulators for Dropping Use of Ad Blockers

• Data from 8,000 Consumers May Have Been “Compromised,” Electric Ireland Warns

• Bill Gates’ AI Vision: Revolutionizing Daily Life in 5 Years

• SolarWinds expands observability offering to provide enterprises with full visibility into databases

• PlexTrac Establishes UK and European Operations

• Huawei Ramps 5G Smartphone Production Amidst Strong Demand

• Molerats Group Wields Custom Cybertool to Steal Secrets in the Middle East

• Steps CISOs Should Take Before, During & After a Cyberattack

• Fermi’s Paradox Proves There’s No Government Alien Conspiracy Around Roswell

• Ransomware royale: US confirms Royal, BlackSuit are linked

• FBI ‘Knows Identities’ Of MGM, Caesars Hacking Gang

• LogShield: A New Framework that Detects the APT Attack Patterns

• What Does PCI DSS 4.0 Mean for API?

• The evolution of ransomware: Lessons for the future

• It Takes Three to Make Hybrid Work Go Right

• Centripetal Launches Global Partner Program

• Credit card skimming on the rise for the holiday shopping season

• ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric

• Radiant Snags $15 Million for AI-Powered SOC Technology

• Royal Ransomware Possibly Rebranding After Targeting 350 Organizations Worldwide

• The FAIR Risk Model: A Practical Guide for Organizations

• OneSpan DIGIPASS FX1 BIO protects against social engineering and account takeover attacks

• Hackers Exploiting Create2 to Bypass Wallet Security Alerts

• Sustainability, Collaboration, and Cisco: A Channel Leader’s Perspective

• Juniper networking devices under attack

• Top 10 API Security Threats for Q3 2023

• Webinar Today: Using Governance and Privilege to Gain Control Over Third-Party Access

• Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads

• Hacker Conversations: Chris Wysopal, AKA Weld Pond

• IBM watsonx.governance manages, monitors, and governs AI models

• Video Chat Website Omegle Permanently Shuts Down

• Data Governance Best Practices

• A Journey of Impact and Learning: My Unforgettable Summer at AppDynamics

• ESG Survey results reinforce the multi-faceted benefits of SSE

• Innovation and partnership for the AI journey ahead

• Redefine IR with the Unit 42 Incident Response Retainer for No Cost

• Major Australian ports blocked after a cyber attack on DP World

• 22 Energy Firms Hacked in Largest Coordinated Attack on Denmark’s Critical Infrastructure

• PyPI Packages Found to Expose Thousands of Secrets

• Analysing Advanced Persistent Threats 2023: Tactics, Targets, and Trends

• Digital Deception: Hackers Target Users with Malware via Fake Windows News on Google Ads

• 6clicks helps organizations manage and report on material cybersecurity events

• Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

• The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy

• Tesla Hikes Prices In China Amidst Stiff Domestic EV Competition

• Google, Microsoft Will Not Challenge EU DMA Gatekeeper Designation

• World’s Largest Bank, China’s ICBC, Faces Cyberattack Causing Disruption in Treasury Markets

• CI/CD Risks: Protecting Your Software Development Pipelines

• Better Smart Contract Security With Fine-Grained Permissions in Cadence

• How To Fix SignTool Error

• How Does IoT Contribute to Real-Time Grid Monitoring for Enhanced Stability and Fault Detection?

• Novel backdoor persists even after critical Confluence vulnerability is patched

• The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story

• How to Protect Businesses From Holiday Season Cyber Scams

• Ant Group Readies Global Expansion Plans After Emerging From Crackdown

• 6 security best practices for cloud-native applications

• Kinsing Actors Target Cloud Environments Exploiting Looney Tunables

• Breaking the Cycle: Embracing Change in Cybersecurity Practices

• Atlassian Confluence Data Wiping Alert

• New Campaign Targets Middle East Governments with IronWind Malware

• Royal Ransomware Gang Demands $275m in a Year

• Pro-Palestine APT Group Uses Novel Downloader in New Campaign

• Advanced threat predictions for 2024

• NCSC: UK Facing “Enduring and Significant” Cyber-Threat

• Nepal Bans TikTok Over Harm To ‘Social Harmony’

• Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

• Hackers Selling Exploits for Critical Vulnerabilities on the Dark Web

• Ways to Improve High Transactional Customer User Experience

• Avito – 2,721,835 breached accounts

• Moving from Omnifocus to Reminders

• Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

• Bug hunters on your marks: TETRA radio encryption algorithms to enter public domain

• NCSC says cyber-readiness of UK’s critical infrastructure isn’t up to scratch

• 4 warning signs that your low-code development needs DevSecOps

• 10 corporate cybersecurity blogs worth your time

• CISA Sets a Deadline – Patch Juniper Junos OS Flaws Before November 17

• Ransomware attack on Huber Heights drives it into Emergency

• Beijing reportedly asked Hikvision to identify fasting students in Muslim-majority province

• Collaborative strategies are key to enhanced ICS security

• k0smotron: Open-source Kubernetes cluster management

• Using real-time monitoring to identify and mitigate threats

• The cloud skills gap is digital transformation’s Achilles’ heel

• File Sharing Fortified: Secure Solutions for Business

• Passive SSH server private key compromise is real … for some vulnerable gear

• Against the Clock: Cyber Incident Response Plan

• Google sues scammers peddling fake malware-riddled Bard chatbot download

• How Financial Services Firms Can Use Application Security Posture Management (ASPM) to Save Costs and Fill Cloud Security Posture Management (CSPM) Coverage Gaps

• Malicious Abrax666 AI Chatbot Exposed as Potential Scam

• Digital Trust & Safety Roundup: Protecting fintech at Money20/20, the truth about AI and fraud, industry awards, and the latest product news

• IT Security News Daily Summary 2023-11-13

• DDoS Attack On ChatGPT Sparks Concerns Over Coding, Productivity Disruptions

• LockBit Takes Credit For Ransomware Attack On US Subsidiary Of Chinese Bank

• In A First, Cryptographic Keys Protecting SSH Connections Stolen In New Attack

• Inside Denmark’s Hell Week As Critical Infrastructure Orgs Faced Cyberattacks

• State of Maine data breach impacts 1.3 million people

• Sandworm, a Russian Threat Actor, Disrupted Power in Ukraine Via Cyberattack

• LockBit ransomware gang claims it leaked stolen Boeing data

• What Is Lateral Movement? Detection & Prevention Tips

• Australian Ports Resume Operation After Crippling Cyber Disruption

• ‘Hunters International’ Cyberattackers Take Over Hive Ransomware

• Cisco’s Journey to DoD 8140 Accreditation

• Writer Warns That It’s Easier To Fall Victim To Facebook Scams Than You Think

• US Privacy Groups Urge Senate Not to Ram Through NSA Spying Powers

• Police Dismantle Phishing-as-a-Service Platform BulletProftLink

• The best Bluetooth trackers of 2023

• The best VPN services for iPhone and iPad in 2023: Tested and reviewed

• European Standards Body Votes to Release Secret Algorithms

• Data Integration in Multi-Cloud Environments: Strategies and Approaches

• Chip Buyers Sue Intel Over Downfall Vulnerability

• LockBit ransomware group assemble strike team to breach banks, law firms and governments.

• Generative AI: Bringing Cybersecurity Readiness to the Broader Market

• Bridging Agile and Continuous Data Management: A Synergetic Perspective

• Check Point Awarded Silver Stevie for Achievement in Developing and Promoting Women

• How generative AI is defining the future of identity access management

• Q&A: Generative AI Comes to the Middle East, Driving Security Changes

• CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog

• Canadian Telecom Summit: AI taking phone fraud to new heights

• BREAKING NEWS: Moneris says no ‘critical’ data affected in ransomware gang’s attack

• A Closer Look at State and Local Government Cybersecurity Priorities

• Reauthorizing Mass Surveillance Shouldn’t be Tied to Funding the Government

• Digital Collaboration: A Double-edged Sword

• Compliance Risk Assessments: 5 Essential Steps for Success

• Azerbaijan Agencies Sign Cyber-Partner Deals

• The best travel VPNs of 2023: Expert tested and reviewed

• Lockbit Ransomware Leaks Boeing Data Trove

• Developers’ Guide to Data Loss Prevention: Best Practices and Strategies

• Apple hints that iOS 17.2 will enable sideloading apps, but not for everyone

• What should admins know about Microsoft Entra features?

• WhatsApp Enhances Call Security With Location Hiding, Unknown Call Block

• Infection Method: Domain Takeover

• Expansion of the Secure Tomorrow Series Toolkit Now Available

• Google Suing Scammers for Fake Bard AI Chatbot Scheme

• Information-Stealing Malware Escalates in Online Gaming

• Multiple Vulnerabilities Found In PureVPN – One Remains Unpatched

• 4 Effective Strategies to Extract Text from Images in Windows 10/11

• Healthcare giant McLaren reveals data on 2.2 million patients stolen during ransomware attack

• Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party

• China’s Biggest Lender ICBC Hit by Ransomware

• Microsoft Temporarily Blocks ChatGPT: Addressing Data Concerns

• Tips for Banks to Prevent Data Breaches Through Phishing Education

• Python Malware Poses DDoS Threat Via Docker API Misconfiguration

• Asda Owner EG Group Orders Tesla EV Superchargers

• The Role of Cyber Wellness in Safeguarding Businesses

• LockBit Crashes Boeing Dark Web Data — No Ransom Paid

• Palo Alto Networks adds BYOML framework to Cortex XSIAM 2.0

• A Guide to Handling SAP Security Breaches

• Eight 8 WhatsApp message links that you should never click on

• Foxconn Launches First Communications Satellites

• Carmakers Sell EVs At Discount As Demand Slows

• Data Excellence Unveiled: Mastering Data Release Management With Best Practices

• Empowering cybersecurity leadership: Strategies for effective Board engagement

• Half of Data Security Leaders Struggle to Keep Pace With AI Evolution

• Ransomware Group RansomedVC Closes Shop

• Law Firm Security: Why IT Must Take Control Over User Risk

• PCI Pal and Zoom join forces to secure payment process for customers

• Impinj R720 reader optimizes speed and automation in supply chain and logistics

• Support Telecom Providers on the Journey from Telco to Techco

• Employment Scams On The Rise: What Can HR Do To Mitigate Them?

• Intel is Being Sued Over the ‘Downfall’ CPU Vulnerability for $10K per Plaintiff

• Did iOS 17.1.1 fix Flipper Zero attack problem on iPhones? Not according to my tests

• SEC Suit Ushers in New Era of Cyber Enforcement

• ACSC and CISA Release Business Continuity in a Box

• Broadband Funding for Community Anchor Institutions

• LockBit ransomware gang leaked data stolen from Boeing

• CAPSLOCK & BAE Systems Course Aims to Tackle the UK’s Cybersecurity Skills Gap

• Inside Denmark’s hell week as critical infrastructure orgs faced cyberattacks

• How AI and Automation Can Secure Enterprises and Startups

• Palo Alto Networks SOC Update Extends Machine Learning Reach

• The Dangers of Using Weak or Reused Passwords

• Qohash unveils remediation features for enhanced data security

• ChargeBee SPF and DKIM Configuration: Step By Step

• Clever Elements SPF and DKIM configuration: Step By-Step Guideline

• E-goi SPF and DKIM configuration: Step By Step Guideline

• Cornerstone OnDemand SPF and DKIM configuration: Step By Step Guideline

• China Memory Maker YMTC Sues Micron Over Patent Infringement

• OracleIV DDoS Botnet Malware Targets Docker Engine API Instances

• Cisco Vulnerability Management Named a Leader in Omdia Universe: RBVM Solutions, 2023

• 2.2 Million Impacted by Data Breach at McLaren Health Care

• Network Perception integrates technology with Claroty to boost OT cybersecurity for organizations

• XSIAM 2.0: Continuing to Drive SOC Transformation

• Atom Keylogger – The Budget Friendly Malware For Aspiring Cybercriminals

• Diwali Shopper Beware: Cyber Experts Uncover Fake Flipkart, Amazon Sites Exploiting Festive Fervor

• Cyber Security Today, Nov. 13, 2023 – Booking.com attack may be widespread, ransomware operator calls it quits, and more

• Resecurity integrates with Palo Alto Networks Cortex XSOAR Marketplace

• Elliptic Labs releases AI Virtual Seamless Sensor

• New Ransomware Group Emerges with Hive’s Source Code and Infrastructure

• In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584

• Cybersecurity horror stories and how to avoid them

• HiBoB Experts Reveal: Top Cybersecurity Threats for Employee Data

• Upgrade to Microsoft Windows 11 Home for Just $30

• Ransomware Group Leaks Files Allegedly Stolen From Boeing

• Top 5 Marketing Tech SaaS Security Challenges

• Alibaba Cloud Outage Takes Down Shopping, Communications Apps

• Game Over: gaming community at risk with information stealers

• Australian Port Operator Resumes Operations After Cyber-Attack

• Silicon UK In Focus Podcast: The Tech Generation

• Security, privacy, and generative AI

• Netskope Delivers the Next Gen SASE Branch, Powered by Borderless SD-WAN

• Yellen Says Ransomware Attack on China’s Biggest Bank Minimally Disrupted Treasury Market Trades

• Operations at Major Australian Ports Significantly Disrupted by Cyberattack

• Mr. Cooper Says Customer Data Compromised in Cyberattack

• Dashboard Series: Analyze endpoint security control gaps with Balbix

• EU Formalizes Cybersecurity Support For Ukraine

• A Simplified Overview of the MITRE ATT&CK Framework

• Cloud Watching Report: Key Takeaways

• Introducing the tech that keeps the lights on

• China’s biggest bank hit by LockBit ransomware; US Treasury markets impacted

• Malaysian Police Dismantle “BulletProftLink” Phishing Operation

• Microsoft Resolves Outage Affecting Teams, Xbox Live

• Authorities Took Down Massive Phishing-as-a-service Provider

• Enhanced EU-Ukraine cooperation in Cybersecurity

• North Korea-linked APT Sapphire Sleet targets IT job seekers with bogus skills assessment portals

• Cyber-Attack Could Have “Devastating” Impact on Aussie Exports

• Flare-On 10 Challenge Solutions

• Authorities Took Down Massive Phishing-as-a-service Provider BulletProftLink

• SaaS Vendor Risk Assessment in 3 Steps

• A week in security (November 06 – November 12)

• Domain Control Validation (DCV) Methods & How to Choose

• Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard

• Signal is testing usernames so you don’t have to share your phone number

• Royal Mail cyber security still a mess, say infosec researchers

• SEC vs. SolarWinds CISO, Classiscam Scam-as-a-Service

• The real cost of healthcare cybersecurity breaches

• Success eludes the International Counter Ransomware Initiative

• CISOs vs. developers: A battle over security priorities

• Major Phishing-as-a-Service Syndicate ‘BulletProofLink’ Dismantled by Malaysian Authorities

• Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

• Imperial Kitten Attacking Tech Firms with SQLi & Scanning Tools

• DP World Cyber Attack puts Australia on High Alert

• Enhancing Ransomware Defense through Micro-Segmentation of Networks

• Building resilience to shield your digital transformation from cyber threats

• Infostealers and the high value of stolen data

• New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks

• 10 Best Unified Endpoint Management Tools – 2024

• Why backup matters more than ever

• Kubernetes adoption creates new cybersecurity challenges

• Access Control Unveiled: Mastering RBAC for Business Security

• Australia declares ‘nationally significant cyber incident’ after port attack

Generated on 2023-11-14 23:56:02.896689