IT Security News Daily Summary 2023-12-05

• Consumer Rights Group Files Complaint Against Facebook Alleging It’s Charging Users For Privacy

• Webex announces comprehensive Device Management Capabilities with Phonism integration

• Roblox and Twitch provider Tipalti breached by ransomware [updated]

• 23andMe Says Hackers Saw Data From Millions of Users

• Imperva Named an Overall Leader in the KuppingerCole Leadership Compass: API Security and Management Report

• AI’s Future Could be Open-Source or Closed. Tech Giants Are Divided as They Lobby Regulators

• Exposed Hugging Face API tokens jeopardized GenAI models

• ENISA published the ENISA Threat Landscape for DoS Attacks Report

• AI and Mass Spying

• Defining Geofencing: A Digital Boundary

• The Roots of Cybersecurity: Traditional Methods

• Behind EB Control’s Revolutionary Patented Key Management System

• The Absolute Necessity of Multi-Factor Authentication

• Coffee Briefing Dec. 5 – OpenText to divest AMC to Rocket Software; Global companies hiring Canadians; Bell and ServiceNow partner; and more

• Accelerating into 2024 with NEOM McLaren Formula E Team

• Comprehensive Cloud Monitoring Platforms: Ensuring Optimal Performance and Security in the Cloud

• DEF CON 31 – Tiffany Rad’s And Austin Shamlin’s ‘Civil Cyber Defense’

• Daniel Stori’s ‘Welcome To Hell’

• Cybersecurity Performance Goals: Assessing How CPGs Help Organizations Reduce Cyber Risk

• Microsoft will offer extended support options for Windows 10 PCs, for a price

• Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more!

• Safeguarding Data Exchange: A Comprehensive Overview of API Gateways and Their Imperative Role in Ensuring Robust Security

• CISA details twin attacks on federal servers via unpatched ColdFusion flaw

• How to Set Internet Parental Controls on All Devices

• Disney+ Cyber Scheme Exposes New Impersonation Attack Tactics

• CISA Releases Two Industrial Control Systems Advisories

• Major Organizations Using ‘Hugging Face’ AI Tools Put at Risk by Leaked API Tokens

• Application Security Startup ArmorCode Raises $40 Million

• SpyLoan Scams Target Android Users With Deceptive Apps

• Fake Lockdown Mode Exposes iOS Users to Malware Attacks

• Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d

• Takeaways from Cisco at InsureTech Connect 2023

• DSPM deep dive: debunking data security myths

• A Deep Dive Into How Digital Pound Can Menace Financial Stability

• Varonis enhances DSPM capabilities with Azure and AWS support

• Nine 9 tips before putting your Android Smartphone or Apple iPhone for resale

• Apple ‘Asks For Rethink’ On India Universal Charger Rules

• offensive security

• ENISA published ENISA Threat Landscape for DoS Attacks

• Analyzing the SonicWall Custom Grub LUKS Encryption Modifications

• 23andMe Finally Admits: 6.9 MILLION Users’ PII Breached

• Pirated Software Puts Mac Users at Risk as Proxy Malware Emerges

• Navigating the Future: Global AI Regulation Strategies

• One Year of ChatGPT: Domains Evolved by Generative AI

• India Seeks Strengthened Interpol Collaboration for Real-Time Crime Prevention

• Canadian law regulating social media platforms is needed fast, Parliament told

• Vanta announces new offerings to meet the needs of modern GRC and security leaders

• US Federal Agencies Miss Deadline for Incident Response Requirements

• OpenSSL Providers Workshop: Authors Track

• Thinking about a Career in Cloud Security? Follow this Path

• How to build a cyber incident response team (a 2024 playbook)

• Securiti collaborates with Databricks to enable the safe use of data and generative AI

• CellTrust SL2 Moderator AI prevents data leakage and blocks risky mobile messages

• Russia’s AI-Powered Disinformation Operation Targeting Ukraine, US, and Germany

• Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack

• Online Safety Act May Require AI Facial Scans

• Securing REST APIs With Nest.js: A Step-by-Step Guide

• Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

• What the Future Holds for Data Security

• Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)

• Stytch offers toolkit for developers to build, implement, and customize passkey-based authentication

• Brazilian City Passes Law Drafted By ChatGPT

• 9 Best Password Managers (2023): Features, Pricing, and Tips

• Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

• 23andMe Confirms Nearly 7 Million Customers Affected In Data Leak

• Cyber Av3ngers Gang Hacks Industrial Controllers Across US

• MIPS Chips Targeted By New P2Pinfect Malware In Multiple Attacks

• 94 Vulns Patched In Android With December Updates

• Two New Versions Of OpenZFS Fix Long-Hidden Corruption Bug

• New Synopsys Report Reveals Application Security Automation Soars

• Q3 2023 Cyber Attacks Statistics

• Unpatched Loytec Building Automation Flaws Disclosed 2 Years After Discovery

• Harpie Launches Proactive Mechanism to Stop Crypto Theft

• MixMode platform enhancements boost threat detection and response

• Veeam Data Platform 23H2 update enhances resilience against ransomware

• USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data

• DevSecOps: Shifting Security to the Left

• How Arnica’s CEO foresees generative AI’s impact on DevOps security

• Why We’re a Cisco Family Through and Through

• Thousands of Outdated Microsoft Exchange Servers are Susceptible to Cyber Attacks

• Roblox and Twitch provider Tipalti breached by ransomware

• AI and Quantum Computing Threaten Encryption and Data Security

• Global Integrity QTel protects voice, messaging, and video conversations

• Rambus launches Quantum Safe Engine for data center and government hardware security

• Crypto Deception Unveiled: Check Point Research Reports Manipulation of Pool Liquidity Skyrockets Token Price by 22,000%

• BlackCat ransomware crims threaten to directly extort victim’s customers

• CISO Conversations: Three Leading CISOs in the Modern Healthcare Sector

• 94 Vulnerabilities Patched in Android With December 2023 Security Updates

• Cybersecurity M&A Roundup: 34 Deals Announced in November 2023

• The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

• Nvidia To Build Network Of AI Chip Plants In Japan

• Over 80% of IT Leaders Want to Move Their On-Prem PAM Solution to the Cloud

• Generative AI Security: Preventing Microsoft Copilot Data Exposure

• “Do Not Push To Production” And Other Insecure Code, Demonstrated By An Ethical Hacker

• Resecurity and ICS Technologies join forces to improve cybersecurity in Iraq

• AT&T Deploys Open RAN In $14bn Deal With Ericsson

• A New Trick Uses AI to Jailbreak AI Models—Including GPT-4

• Used by only a few nerds, Facebook kills PGP-encrypted emails

• Centripetal Announces Partnership With Tiger to Provide Cybersecurity Innovation to the UK Market

• Konni Malware Alert: Uncovering The Russian-Language Threat

• Leveraging Automation for Risk Compliance in IT

• RSA Keys Security: Insights from SSH Server Signing Errors

• 15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack

• Russian APT28 Exploits Outlook Bug to Access Exchange

• Report Says Sellafield ‘Hacked’ By Russia, China

• It’s ba-ack… UK watchdog publishes age verification proposals

• Porn Age Checks Threaten Security and Privacy, Report Warns

• Quick Look at the New CISA Healthcare Mitigation Guide

• BlueNoroff: new Trojan attacking macOS users

• Sellafield Accused of Covering Up Major Cyber Breaches

• Data Power: What the EU Data Act Means for You

• Google fixed critical zero-click RCE in Android

• Congratulations to our 2023 CX Customer Hero Award Winners

• Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

• New Threat Actor ‘AeroBlade’ Emerges in Espionage Attack on U.S. Aerospace

• RailYatri – 23,209,732 breached accounts

• Bolstering API Security: Introducing Wallarm’s API Attack Surface Management (AASM)

• Meet the Cybersecurity Defender of 2023 for the Asia Pacific Region

• UK government denies China/Russia nuke plant hack claim

• 75% Organizations Struggle with Recurring Cyber Attacks

• Microsoft issues alert on Cactus Ransomware spreading through DanaBOT Ransomware

• How AI is revolutionizing “shift left” testing in API security

• SessionProbe: Open-source multi-threaded pentesting tool

• Beware of Expired or Compromised Code Signing Certificates

• Advanced ransomware campaigns expose need for AI-powered cyber defense

• Customer Story | How Azusa Unified School District Increasing Visibility & Control in Google & Microsoft 365

• Exploring the impact of generative AI in the 2024 presidential election

• eBook: Defending the Infostealer Threat

• 2024 brings changes in data security strategies

• Healthcare Trends in 2024: Challenges and Opportunities

• Akamai Account Protector?s New Protection Against Account Opening Abuse

• AgTech Revolution: Innovations in Agriculture

• The Importance of Incident Response for SaaS

• US warns Iranian terrorist crew broke into ‘multiple’ US water facilities

• One More Google Chrome Update Arrives With A Zero-Day Patch

• New P2PInfect bot targets routers and IoT devices

• 23andMe says, er, actually some genetic and health data might have been accessed in recent breach

• Network Infrastructure in Ransomware’s Crosshairs: Addressing Supply Chain Threats

• IT Security News Daily Summary 2023-12-04

• Int’l Dog Breeding Org WALA Exposes 25GB of Pet Owners Data

• Navigating API Governance: Best Practices for Product Managers

• Fancy Bear hackers still exploiting Microsoft Exchange flaw

• Disinformation Researcher Says She Was Fired After Pressure From Facebook

• How to Secure Your Kid’s Android Device

• The Momentum, the Margin and the “Magic” with Cisco MSP Partners

• DEF CON 31 War Stories – Paz Hameiri’s ‘CON Trolling The Weather’

• Integrated Industrial Edge Compute

• Hershey phishes! – Crooks snarf chocolate lovers’ creds

• Vulnerability Summary for the Week of November 27, 2023

• Microsoft Outlook Vulnerability Exploited by Russian Forest Blizzard Group

• Randall Munroe’s XKCD ‘Typical Seating Chart’

• Exposed Hugging Face APIs Opened AI Models to Cyberattacks

• Top 13 ransomware targets in 2024 and beyond

• Tor University Challenge: First Semester Report Card

• President Biden signs Executive Order 14111

• 23andMe confirms hackers stole ancestry data on 6.9 million users

• Why a ransomware gang tattled on its victim, with Allan Liska: Lock and Code S04E24

• Sophisticated Booking.com Scam Targeting Guests with Vidar Infostealer

• Supply-chain ransomware attack causes outages at over 60 credit unions

• These 6 Ways Will Help in Improving Your Organization’s Security Culture

• Multiple Vulnerabilities Found In Ray Compute Framework

• Google Workspace Marketplace: 4 Tips for Choosing the Best Apps

• Top Guns: Defending Corporate Clouds from Malicious Mavericks

• Ransomware Surge: 2023 Cyber Threats

• Hackers Use This New Malware to Backdoor Targets in Middle East, Africa and U.S

• Bridging the Gap Between Cloud vs On-premise Security

• Cybercriminals Escalate Microsoft Office Attacks By 53% in 2023

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• Two new versions of OpenZFS fix long-hidden corruption bug

• P2PInfect Botnet Is Now Targeting MIPS-Based IoT Devices

• Rust-Based Botnet P2Pinfect Targets MIPS Architecture

• Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

• Harnessing the Power of APIs: Shaping Product Roadmaps and Elevating User Experiences through Authentication

• Hugging Face dodged a cyber-bullet with Lasso Security’s help

• Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware

• Russian Pleads Guilty to Role in Developing TrickBot Malware

• Dozens of Credit Unions Experiencing Disruptions Due to Ransomware Attack on Popular Tech Provider

• Britain Nuclear site Sellafield experiences malware cyber attack

• Nvidia Promises Japan AI Support Amidst Heavy Demand

• Data Privacy and Security

• How the Denver Broncos Intercepts Cyber Threats with Check Point

• US Lawmakers Want to Use a Powerful Spy Tool on Immigrants and Their Families

• North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report

• Building a Collaborative Approach to Secure the Connected World

• Update your iPhones! Apple fixes two zero-days in iOS

• ArmorCode raises $40M to consolidate security data in one place

• Accelerating Your Journey to the 128-bit Universe

• Club Cisco: Profile of 2023 CX Winners

• Exposed Hugging Face API tokens offered full access to Meta’s Llama 2

• Limiting Remote Access Exposure in Hybrid Work Environments

• OpenAI Turmoil Sparks an Urgent Debate: Can AI Developers Effectively Self-Regulate?

• ArmorCode raises $40 million to help companies ship secure software

• MPs Warn Over Digital Pound Plan Stability Risks

• Stellar Cyber Bridges Cybersecurity Skills Gap with First-of-Its-Kind University Program

• Master the Art of Data Security: A Complete Guide To Securing Data at Rest on Amazon S3

• CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities

• New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

• 9 online scams to watch out for this holiday season

• Check Point Secures Broncos Country

• UEFI Flaws Allow Bootkits To Pwn Devices Using Images

• EU Lawmakers Finalize Cyber Security Rules That Panicked Devs

• SugarGh0st RAT Use Targets South Korea And Uzbekistan

• PSA: Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin

• New Relic Says Hackers Accessed Internal Environment Using Stolen Credentials

• ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government

• SQL Brute Force Leads to BlueSky Ransomware

• Project PowerUp – Helping to keep the lights on in Ukraine in the face of electronic warfare

• Kubernetes DaemonSet: Practical Guide to Monitoring in Kubernetes

• Check Point Research Report: Iranian Hacktivist Proxies Escalate Activities Beyond Israel

• UAE CISOs Highlights their Rampant Gaps in Cybersecurity

• Cyber Security Today, Dec. 4, 2023 – A warning to water treatment utilities, a boot vulnerability could affect millions of PCs, and more.

• EU Council and Parliament Reach Agreement on Cyber Resilience Act

• Sekoia.io achieves PCI-DSS compliance

• AI and Trust

• What are ‘Credential Stuffing’ Attacks and 2-Step Verification?

• US Officials To Visit Taiwan To ‘Explain’ China Chip Controls

• New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices

• Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk

• US Commerce Chief: China ‘Not Our Friend’

• Inside America’s School Internet Censorship Machine

• Social media giants to testify over failing to protect kids

• Check Point Research Report: Shift in Cyber Warfare Tactics – Iranian Hacktivist Proxies Extend Activities Beyond Israel

• Understanding Mobile Payment Security

• Tripwire Patch Priority Index for November 2023

• IT Professionals in ASEAN Confronting Rising Cyber Security Risks

• LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

• Kaspersky Security Bulletin 2023. Statistics

• 3 security best practices for all DevSecOps teams

• Booking.com customers targeted in hotel booking scam

• Staples Hit With Disruption After Cyber-Attack

• Spotify To Axe 1,500 Jobs In Cost-Cutting Drive

• Russian Developer Pleads Guilty to Trickbot Conspiracy

• New Employee Checklist and Default Access Policy

• A week in security (November 27 – December 3)

• US Confirms Iranian Attacks on Water Companies

• Three Apologises After Outage Affects Tens Of Thousands

• LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks

• Flying Blind: Is your Vulnerability Management program working?

• Application Security Trends & Challenges with Tanya Janca

• Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices

• Imperva & Thales: Pioneering a New Era in Cybersecurity

• EU lawmakers finalize cyber security rules that panicked open source devs

• Ransomware news currently trending on Google

• Understanding Mobile Network Hacking: Risks, Methods, and Safeguarding Measures

• 2023 Gartner® Market Guide for Security, Orchestration, Automation and Response Solutions

• Put guardrails around AI use to protect your org, but be open to changes

• Entertainment Transformed: The Impact of Technology

• The AI readiness race and where global companies stand

• Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

• New Relic’s cyber-something revealed as attack on staging systems, some users

• 2024 cybersecurity outlook: The rise of AI voice chatbots and prompt engineering innovations

• Maximizing cybersecurity on a budget

• SQL Brute Force leads to Bluesky Ransomware

Generated on 2023-12-05 23:55:57.298574