IT Security News Daily Summary 2023-12-19

• Security first in software? AI may help make this an everyday practice

• Reflections from Cisco Live Melbourne: Innovation, Sustainability, and Connections

• FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

• Millions of Xfinity customers’ info, hashed passwords feared stolen in cyberattack

• Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

• Cisco Details AI Strategy for Simplifying Cybersecurity

• A Major Ransomware Takedown Suffers a Strange Setback

• Before you go away for Xmas: You’ve patched that critical Perforce Server hole, right?

• Learning To Use Web3: First Impressions

• Are you sure that online store is real? You might be surprised

• This AI can find your location just by looking at a few photos

• File Integrity Monitoring for PCI Compliance

• Play Ransomware Has Hit 300 Entities Worldwide: FBI

• EFACEC UC 500E

• US Gov Disrupts BlackCat Ransomware Operation; FBI Releases Decryption Tool

• AlphV/BlackCat ransomware gang’s websites seized, FBI releases decrypter

• Global malspam targets hotels, spreading Redline and Vidar stealers

• CISO (chief information security officer)

• ‘Tis the season where data theft is at an all-time high

• Randall Munroe’s XKCD ‘Puzzles’

• AlphV/BlackCat hits back as Feds offer decryptor to ransomware victims

• EFACEC BCU 500

• Open Design Alliance Drawing SDK

• Subnet Solutions Inc. PowerSYSTEM Center

• CISA Releases Seven Industrial Control Systems Advisories

• 10 Cybersecurity Trends That Emerged in 2023

• That time I broke into an API and became a billionaire

• The widening web of effective altruism in AI security | The AI Beat

• What Australia’s Digital ID Means to How Citizens Interact With Businesses Online

• Partnering for Purpose: A Year in Focus

• Cyberelements Launches Dedicated MSP Program

• Microsoft Introduces Enhanced Windows Protected Print Mode for Increased Security

• FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool

• Law Enforcement Confirms BlackCat Take Down, Decryption Key Offered to Victims

• Microsoft ChatGPT faces cyber threat for being politically biased

• Google To Pay $700m To Consumers In US Antitrust Settlement

• 12 Essential Steps Mac Users Need To Take At Year End

• hybrid cloud security

• AlphV/BlackCat hacked back as feds offer decryptor to ransomware victims

• Kraft Heinz Investigates Cybersecurity Threat

• Imperva Report Previously Undocumented 8220 Gang Activities

• Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims

• Behind the Scenes of Matveev’s Ransomware Empire: Tactics and Team

• Smishing Triad Targets UAE Residents in Identity Theft Campaign

• Foreign Actors Targeted 2022 US Elections, Intelligence Community Reveals

• Navigating eSIM Policies and Regulations

• Mr. Cooper Hackers Stole ~15 Million Users’ Data

• More Than 26,000 Vulnerabilities Discovered in 2023

• Japan Chip Equipment Maker Kokusai Expands In China

• TSMC Chair Mark Liu To Retire In 2024

• Apple To Pause Series 9, Ultra 2 Watch Sales In US

• Jack Ma-Backed Seafood Start-Up Begins Online Sales

• FBI Seizes Dark Web Domain of Blackcat – ALPHV Ransomware

• Tech Device Manufacturers Urged by CISA to Remove Default Passwords

• Sidewinder Hacker Group Using Weaponized Documents to Deliver Malware

• Hacktivists Shut Down Iran’s Gas Pumps

• Xfinity Customer Data Compromised In Attack Exploiting CitrixBleed Vulnerability

• Brazil’s First Lady To Sue Musk’s X Over Hacked Account

• New QakBot Phishing Campaign Appears After FBI Takedown

• Mr. Cooper Breach Affects 14.6 Million Customers

• Turngate Raises $5 Million to Shed Light on User Activity

• Here’s How to Avoid Falling for Costly Pig Butchering Scam

• 2023 Cyber Threats: 26,000+ Vulnerabilities, 97 Beyond CISA List

• 5 Fraud Prevention Strategies That Help Companies Ward Off Cyber Attacks

• Web injections are back on the rise: 40+ banks affected by new malware campaign

• NetworkSherlock Powerful Port Scanner With Shodan

• Get Ahead of the Game: Protecting Your Cloud Native Applications with CloudGuard CNAPP

• holistic (holistic technology)

• Beyond DLP: Embracing a Multi-Layered Strategy for Personal Data Security

• Wiz and Apiiro partner to provide context-driven security from code to cloud

• IaaS Security: Top 8 Issues & Prevention Best Practices

• 5 Major Cybersecurity Trends to Know for 2024

• SimSpace raises $45M to simulate tech stacks for cyber training

• Anti-ransomware startup Halcyon lands fresh $40M tranche

• The Rise in Attacks Requires Specialized Expertise – Breakaway 1=5

• Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts

• US and Australia Warn of Play Ransomware Threat

• Authorities claim seizure of notorious ALPHV ransomware gang’s dark web leak site

• CVE-2023-50164: A Critical Vulnerability in Apache Struts

• AI Coding Tools: How to Address Security Issues

• Fortinet enhances its OT security solutions and services

• Year in Malware 2023: Recapping the major cybersecurity stories of the past year

• “Get Paid to Like Videos”? This YouTube Scam Leads to Empty Wallets

• New SMTP Smuggling Attack Lets Hackers Send Spoofed Emails

• How To Protect RDP From Ransomware Attacks

• Comcast says hackers stole data of close to 36 million Xfinity customers

• A Dream Come True: My Journey to Africa as a Sea Turtle Conservation Volunteer

• 2022 Election Not Impacted by Chinese, Russian Cyber Activity: DOJ, DHS

• Every “Thing” Everywhere All at Once

• Smishing Triad: Cybercriminals Impersonate UAE Federal Authority for Identity and Citizenship on the Peak of Holidays Season

• OpenAI Is Not Training on Your Dropbox Documents—Today

• Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa

• Are We Ready to Give Up on Security Awareness Training?

• “Quishing” you a Happy Holiday Season

• Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability

• Hexnode offers patch management for Windows devices

• New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

• Apple Supplier Qorvo Sells China Plants To Luxshare

• Governments Issue Warning After Play Ransomware Hits Hundreds of Organizations

• Mr. Cooper Data Breach Impacts 14.7 Million Individuals

• SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)

• Mr. Cooper breach exposes sensitive info of over 14 million customers

• Cleafy improves banking security with real-time AI capabilities

• Massive Data Breach at Gokumarket: Over a Million Users’ Information Exposed

• Impact of Log4Shell Bug Was Overblown, Say Researchers

• Iranian Fuel Supplies Crippled By Cyber-Attack

• Over 14 Million Mortgage Customers Hit By Mr Cooper Breach

• Telcos Forced To Pause Switch To Digital Landlines For Vulnerable

• Hackers Actively Exploiting ActiveMQ Vulnerability to Install Malware

• The Current Challenges of Adopting Zero Trust and What You Can Do About Them

• The History of Patch Tuesday: Looking back at the first 20 years

• How Organizations Can Prevent Their Employees Falling for Cyber Scams

• Qakbot’s backbot: FBI-led takedown keeps crims at bay for just 3 months

• What Is Cloud Repatriation and Why Are Businesses Doing It?

• QakBot Malware Emerges with New Tactics, Attacking Hospitality Industry

• 8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

• 3 Strategic Insights from Cybersecurity Leader Study

• Cyber Attack news headlines trending on Google

• Vulnerability Summary for the Week of December 11, 2023

• The impact of prompt injection in LLM agents

• Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

• EMBA: Open-source security analyzer for embedded devices

• Ransomware trends and recovery strategies companies should know

• Most cloud transformations are stuck in the middle

• How to protect unmanaged devices in today’s zero-trust world

• Cybersecurity Career Pathways for Students

• Encouraging Ethical Hacking Skills in Students

• The ransomware attack on Westpole is disrupting digital services for Italian public administration

• Victory: Utah Supreme Court Upholds Right to Refuse to Tell Cops Your Passcode

• KubeCon 2023: Securing Software Delivery and Deployment

• Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo

• Mortgage Giant Mr. Cooper Data Breach; 14 Million Users Impacted

• Hacktivists boast: We shut down Iran’s gas pumps today

• IT Security News Daily Summary 2023-12-18

• Facebook Scam Targets The Funeral Of A Popular Politician

• VPN for Your Phone: Key to Global Email Security While Traveling

• Does Less Consumer Tracking Lead to Less Fraud?

• Mr Cooper cyberattack laid bare: 14.7M people’s info stolen, costs hit $25M

• Weekly Vulnerability Recap – December 18, 2023 – JetBrains TeamCity Exploits Continue

• AI and Automation

• Cyber-crooks slip into Vans, trample over operations

• A Suspected Cyberattack Paralyzes the Majority of Gas Stations Across Iran

• Enabling Threat-Informed Cybersecurity: Evolving CISA’s Approach to Cyber Threat Information Sharing

• The age of weaponized LLMs is here

• IaaS vs PaaS vs SaaS Security: Which Is Most Secure?

• Info stealers and how to protect against them

• Digital Rights Updates with EFFector 35.16

• Randall Munroe’s XKCD ‘Label the States’

• Controversial SEC Cyber Disclosure Rules Take Effect

• Docker Image Building Best Practices

• Investing in Africa’s Clean Energy Transition

• How to Temporarily Deactivate Instagram?

• Disruptions at 70% of Iran’s Gas Stations Blamed on Cyberattack

• New report claims your phone, TV, and smart speaker are spying on you. But is it real?

• OffSec’s 2023: A year of holistic cybersecurity education and strategic growth

• Why Your AirPods Aren’t Waterproof

• How To Scan a QR Code On iPhone

• How to Know If Someone Screengrabs Your Instagram Story

• Do AirPods Work With Android?

• How To Delete a Facebook Business Page?

• Discord Rolls Out Security Key Support For All Users

• Using Data Diodes for One-Way Information Transfer and Preventing Data Leaks

• Vans, Supreme owner VF Corp. says personal data stolen and orders impacted in suspected ransomware attack

• How to Copy and Paste on Mac?

• X/Twitter Under Investigation by EU in First DSA Move

• The best travel VPNs of 2023: Expert tested and reviewed

• Why extortion is the new ransomware threat

• Don’t phish for deals this holiday season

• Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits

• MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed

• 3CX Asks Customers to Disable SQL Database Integrations to Stop Hack Attacks

• 8220 Hacker Group Attacking Windows & Linux Web Servers

• #TripwireBookClub – The Rust Programming Language

• Guide to Creating a Robust Website Security Incident Response Plan

• Pro-Israel Predatory Sparrow hacker group disrupted services at around 70% of Iran’s fuel stations

• Police Get Medical Records without a Warrant

• VF Corp Disrupted by Cyberattack, Online Operations Impacted

• CISA Urges Manufacturers to Eliminate Default Passwords After Recent ICS Attacks

• How to protect kids on Google Android devices from Cyber Threats

• The Perils of AI Hallucination: Unraveling the Challenges and Implications

• Mobile Security Alert: CERT-In Flags Risks in Top Brands

• Top 7 Trends Shaping SaaS Security in 2024

• Adobe Abandons Figma Buy In Face Of EU, UK Probes

• The best VPN services for iPhone and iPad in 2023: Tested and reviewed

• #StopRansomware: Play Ransomware

• FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware

• Mr. Cooper hackers stole personal data on 14 million customers

• EFF Joins Forces with 20+ Organizations in the Coalition #MigrarSinVigilancia

• CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance

• Microsoft: Storm-0539 Group Behind a Surge of Gift Card Scams

• NKAbuse Malware Utilizes NKN Blockchain Technology for Executing DDoS Attacks

• EU Targets Musk’s X Over Misinformation In First DSA Probe

• The Art of Securing Cloud-Native Mobile Applications

• Akamai discloses zero-click exploit for Microsoft Outlook

• A Top Secret Chinese Spy Satellite Just Launched On A Supersized Rocket

• SMTP Smuggling Allows Spoofed Emails To Bypass Auth

• How Microsoft’s Cybercrime Unit Has Evolved To Combat More Threats

• Stellar Cyber partners with BlackBerry to help users detect and respond to cyber threats

• Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges

• Qakbot’s Low-Volume Resurgence Targets Hospitality

• Qakbot is back and targets the Hospitality industry

• Delta Dental Says Data Breach Exposed 7 Million Customers

• Salvador Technologies Raises $6 Million for ICS/OT Attack Recovery Solution

• SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols

• NSA Issues Guidance on Incorporating SBOMs to Improve Cybersecurity

• Creating a New Market for Post-Quantum Cryptography

• Cyber Criminals Seek $2 Million in Bitcoin After Siphoning Insomniac Games Data

• SenseTime Shares Plummet After Death Of Co-Founder

• 71% of Organizations Have Fallen Victim to Ransomware, Should Your Organization Be Concerned?

• Round Up

• MongoDB investigating security incident that exposed data about customer accounts

• Defending Against AI-Based Cyber Attacks: A Comprehensive Guide

• Deception Tech: The Art of Cyber Counterintelligence

• Data Insecurity: Experts Sound the Alarm on 4 Apps Putting User Privacy at Risk

• China’s MIIT Proposes Color-coded Contingency Plan for Security Incidents

• Cyber Security Today, Dec. 18, 2023 – Customer contact info stolen from MongoDB, more stringent American cyber attack reporting rules start today

• Microsoft is working on a more secure print system for Windows

• As the SEC’s new data breach disclosure rules take effect, here’s what you need to know

• MongoDB Breach Update: Names, Emails Exposed, Atlas Secured

• How To Protect A New Technology Purchase | Avast

• Securing AI: Navigating the Complex Landscape of Models, Fine-Tuning, and RAG

• National Grid latest UK org to zap Chinese kit from critical infrastructure

• Delta Dental of California Discloses Data Breach Impacting 6.9 Million People

• Cyber Security Today, Dec. 18, 2023 – Customer contact info stolen from MongoDB, more stringent American cyber attack reporting rules start today, and more

• Qakbot returns in fresh assault on hospitality sector

• Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam

• Scammers Are Tricking Anti-Vaxxers Into Buying Bogus Medical Documents

• ALPHV Second Most Prominent Ransomware Strain Before Reported Downtime

• Protecting the perimeter with VT Intelligence – malicious URLs

• Xiaomi Founder Hopes For ‘Win’ With Upcoming Electric Car

• SEC Shares Important Clarifications as New Cyber Incident Disclosure Rules Come Into Effect

• Cruise Cuts 900 Jobs Amidst Regulatory Scrutiny

• Strobes 2023 Pentesting Recap: Trends, Stats, and How PTaaS is Transforming Cybersecurity

• QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry

• Unmasking the Dark Side of Low-Code/No-Code Applications

• TikTok Removes Russian Propaganda Networks

• 3CX Urges Customers to Disable Integration Due to Potential Vulnerability

• MongoDB corporate systems breached, customer data exposed

• Insurer’s UK Honeypots Attacked 17 Million Times Per Day

• 3 ways to reduce stress on the DevSecOps team

• MongoDB Investigates Customer Account Data Breach

• Facebook and Instagram under fire for insufficient child safety protection measures

• Ofcom Probes TikTok Over ‘Inaccurate’ Child Protection Data

• Google Chrome’s New Tracking Protection Limits Website Tracking

• Technology Manufacturers Urged to Eliminate Passwords

• Code Execution Update: Improve WordPress Security

• Debunking Myths About Linux Kernel Patching

• A supply chain attack on crypto hardware wallet Ledger led to the theft of $600K

• The Top 5 Ransomware Takedowns

• CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats

• Why Not Shut Off Access to The Internet Whenever a Password Is Saved

• The Corporate Transparency Act: Striking a Pact Between Fact & Privacy Impact

• AI in Cybersecurity

• Safeguarding Children and Vulnerable Groups Online Strategies for Enhancing Online Safety in Digital Communities

• Top 7 seven Cyber Attack news headlines trending on Google

• The Intersection of AI and Cybersecurity: Unveiling Threats to Elections

• Creating a formula for effective vulnerability prioritization

• Correct bad network behavior to bolster application experience

• Preserving privacy through advanced encryption techniques

• Information-blocking rule in 21st Century Cures Act redefines data exchange in healthcare

• NKAbuse Malware Attacking Linux Desktops & Use Corn Job for Persistence

• MongoDB warns breach of internal systems exposed customer contact info

• The Importance of Cybersecurity Education in Schools

• Teaching Digital Literacy and Online Safety

• Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor’s Activity

• Pro-China campaign targeted YouTube with AI avatars

Generated on 2023-12-19 23:55:43.517975