IT Security News Daily Summary 2023-12-20

• FTC’s Rite Aid Ruling Rightly Renews Scrutiny of Face Recognition

• BlackCat/ALPHV Ransomware Site Seized in International Takedown Effort

• Cybercrooks book a stay in hotel email inboxes to trick staff into spilling credentials

• Attackers Finding Novel Ways to Abuse GitHub: ReversingLabs

• New to Cybersecurity? Use These Career Hacks to Get a Foot in the Door

• security.txt: A Simple File with Big Value

• BlackCat Ransomware Site Seized in International Takedown Effort

• FBI Disrupts BlackCat Ransomware Threat Group Activity – The Essential Facts

• CodeSecure Expands Automation Capabilities for Complying with Leading Embedded Software Safety and Security Standards

• 7 Cybersecurity Tips for Small Businesses

• Exploring EMBA: Unraveling Firmware Security with Confidence

• USENIX Security ’23 – Claudio Anliker, Giovanni Camurati, and Srdjan Čapkun ‘Time for Change: How Clocks Break UWB Secure Ranging’

• Managing API Contracts and OpenAPI Documents at Scale

• SimSpace Scores $45 Million Investment to Expand Cyber Range Tech Markets

• Threat actors still exploiting old unpatched vulnerabilities, says Cisco

• Scraped images of sexually abused children found in AI training database

• Data Leak Exposes 1.5 Billion Real Estate Records, Including Elon Musk, Kylie Jenner

• Cyber Security Trends to Watch in Australia in 2024

• CISA Issues Request For Information on Secure by Design Software Whitepaper

• Top 7 Cybersecurity Threats for 2024

• AppOmni Previews Generative AI Tool to Better Secure SaaS Apps

• Automate Your SSO With Ansible and Keycloak

• With the Right Support, Developers Can Lead Your Organization to Superior PCI-DSS 4.0 Compliance

• Check Point Software: The Pioneer in Cybersecurity Earns Security Platform Recognition from Top Analysts Firms in 2023

• The Limitations of Google Play Integrity API (ex SafetyNet)

• U.S. drug store chain banned from using facial recognition for five years

• The Do?s and Don?ts of Modern API Security

• Women Can Make a Difference in the Field of Data Science

• NASA Uses Laser To Beam Cat Video From Deep Space

• Mozilla Releases Security Updates for Firefox and Thunderbird

• Tech gifts you shouldn’t buy your family and friends for the holidays

• SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec

• Enhancing Home Security: The Essential Guide to Garage Door Opener Manuals and Advanced Security Features

• Full Fibre Broadband Reaches 17 Million UK Homes, Says Ofcom

• ARM Lays Off Workers In China – Report

• Nashville-based Phosphorus gets $27M to build out its xIoT security solutions

• Apple Releases Security Updates for Multiple Products

• Keeping the Lights On: Brazilian Power Utility Wins Cybersecurity Award for Securing Grid Network with Cisco

• Cisco and Nutanix Team Up in Response to Customer Demand: Another Win for Customer-Centric Innovation

• Okta to Acquire Israeli Startup Spera Security

• USENIX Security ’23 – Ang Li, Jiawei Li, Dianqi Han, Yan Zhang, Tao Li, Ting Zhu, Yanchao Zhang ‘PhyAuth: Physical-Layer Message Authentication for ZigBee Networks’

• Hospitality Industry Faces New Password-Stealing Malware

• Top 5 Lucrative Careers in Artificial Intelligence

• New JaskaGO Malware Targets Mac and Windows for Crypto, Browser Data

• Using VB.NET To Check for Proxy and VPN With IP2Location.io Geolocation API

• Why CISOs and CIOs Should Work Together More Closely

• Law enforcement Operation HAECHI IV led to the seizure of $300 Million

• New Report: 85% Firms Face Cyber Incidents, 11% From Shadow IT

• 5 common data security pitfalls — and how to avoid them

• 7 Best Attack Surface Management Software for 2024

• What is the EPSS score? How to Use It in Vulnerability Prioritization

• How to Complete an IT Risk Assessment (2023)

• Unveiling the Dynamics of Cybersecurity- A Heimdal® Report

• New JaskaGO Malware Stealer Threatens Windows and MacOS Operating Systems

• BlackCat Strikes Back: Ransomware Gang “Unseizes” Website, Vows No Limits on Targets

• NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains

• Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape

• Unveiling Storm-1152: A Top Creator of Fake Microsoft Accounts

• Telus Makes History with ISO Privacy Certification in AI Era

• Belgium Commences Mega Drug Trial After Covert Apps Cracked

• Kasada launches advanced bot defense platform with evolving protection and attack insights

• 2024 Cybersecurity Industry Experts Predictions: Part 1

• ImmuniWeb is now ISO 9001 certified

• Toshiba Delisted From Toyko Stock Exchange After 74 Years

• Hackers Abuse Bot Protection Tool to Launch Cyber Attacks

• The Evolving Cyber Landscape: AI Fighting AI

• How Education Institution Technology Needs to Evolve

• How Cisco and Wipro are Improving the Airport Experience

• 1 In 4 High Risk CVEs Are Exploited Within 24 Hours Of Going Public

• Play Ransomware Gang Tied To 300 Attacks In 17 Months

• DOJ Seizes Ransomware Site as BlackCat Threatens More Attacks

• Stellar Cyber integrates with SentinelOne for enhanced cybersecurity across environments

• Remote Encryption Attacks Surge: How One Vulnerable Device Can Spell Disaster

• New Web Injection Malware Campaign Steals Bank Data of 50,000 People

• Cyber Security Today, Dec. 20, 2023 – Data on over 35 million Comcast customers stolen because patching wasn’t fast enough

• AskOmni simplifies and enhances SaaS security

• OpenSSL 25 Year Anniversary T-Shirt Giveaway

• INTERPOL Arrests 3,500 Suspects In Sweeping Cybercrime Operation

• Krasue RAT Malware: A New Threat to Linux Systems

• Extended Detection and Response: The Core Element of Zero-Trust Security

• Recap from Singapore FinTech Festival

• Sophisticated JaskaGO info stealer targets macOS and Windows

• Xfinity Data Breach Impacts 36 Million Individuals

• 8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers

• ConnectSecure announces improved cybersecurity scanning platform for MSPs

• BlackCat Rises: Infamous Ransomware Gang Defies Law Enforcement

• The Shift to Distributed Cloud: The Next Era of Cloud Infrastructure

• Mute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook: Pt 2

• Mute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook: Pt 1

• Insights from Survey of Financial Services Cyber Leaders in Asia-Pacific

• Novel Detection of Process Injection Using Network Anomalies

• Sigma rules for Linux and MacOS

• UK Supreme Court Rules AI Cannot Be Patent Inventor

• Hackers Stole Banking Details From Over 50,000 Users Via Web Injections

• Data Privacy and Cloud Computing: A Review of Security and Privacy Measures

• GCHQ Christmas Codebreaking Challenge

• Codenotary Trustcenter 4.0 helps customers prioritize and address software security issues

• 3,500 Arrested, $300 Million Seized in International Crackdown on Online Fraud

• Oversight Board Reverses Meta Removal Of Graphic Israel-Gaza Videos

• Xfinity Rocked with Data Breach Impacting 36 Million Users

• Product Explained: Memcyco’s Real-Time Defense Against Website Spoofing

• Why Is an Australian Footballer Collecting My Passwords? The Various Ways Malicious JavaScript Can Steal Your Secrets

• Interpol Arrested 3,500 Suspects and Seized $300 Million

• The Avast Phishing Awards: Trickiest email headlines of 2023

• How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions

• Halcyon raises $40 million to combat ransomware attacks

• Citrix Bleed leveraged to steal data of 35+ million Comcast Xfinity customers

• Argus vDome prevents cyber vehicle theft

• Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave

• 4 Best War Games You Should Play

• Hackers Leveraging GitHub Platform for Hosting Malware

• Manchester’s finest drowning in paperwork as Freedom of Information requests pile up

• SimSpace raises $45 million to fuel continued growth

• Cyber-Incident Costs Surge 11% as Budgets Remain Muted

• Global Police Seize $300m Linked to Online Scams

• Xfinity Discloses Data Breach Impacting Nearly 36 Million

• AI’s Emerging Role in the Fight Against Intellectual Property Theft

• Tips, Tricks and Updates for Tripwire’s State Analyzer

• SSH shaken, not stirred by Terrapin vulnerability

• New Go-Based JaskaGO Malware Targeting Windows and macOS Systems

• 3,500 Arrested in Global Operation HAECHI-IV Targeting Financial Criminals

• Revolutionizing Cybersecurity with Cyber Defense Planning and Optimization

• BMW dealer at risk of takeover by cybercriminals

• AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime

• Ransomware news on FBI, BlackCat, and Game plan release

• How to retrieve data from google account if user dies

• How Are Security Professionals Managing the Good, The Bad and The Ugly of ChatGPT?

• Anticipation And Agility: Cyber Protection for the 2024 Olympics

• Lost in Translation: Mitigating Cybersecurity Risks in Multilingual Environments

• Halting Hackers on the Holidays 2023 Part II: The Apps You (Shouldn’t) Trust

• Product showcase: ImmuniWeb AI Platform

• Analyst Perspective: Toward Converged Identity Assurance

• Supply chain emerges as major vector in escalating automotive cyberattacks

• What Can Go Wrong with Bank Online Account Opening?

• Balancing AI’s promise with privacy and intellectual property concerns

• Subdominator: Open-source tool for detecting subdomain takeovers

• Exploring Technology in Classroom Learning

• New generative AI-powered SaaS security expert from AppOmni

• Cybersecurity Awareness Campaigns in Education

• Comcast’s Xfinity customer data exposed after CitrixBleed attack

• Philippines, South Korea, Interpol cuff 3,500 suspected cyber scammers, seize $300M

• Insight – The Evolving Cybersecurity Landscape in 2024: Predictions and Preparations

• Azure Serial Console Attack and Defense – Part 2

• Biggest Data Security Threats for Businesses: Strategies to Strengthen Your Defense

• 2024 Trends for Securing Your Business Premises: Essential Strategies and Technologies

• FTC bans Rite Aid from using facial recognition surveillance for five years

• Facebook Oversight Board Reinstates Controversial Videos Of Middle East Conflict

• How to find out if an AirTag is tracking you

• BlackCat Ransomware Raises Ante After FBI Disruption

• IT Security News Daily Summary 2023-12-19

• Security first in software? AI may help make this an everyday practice

• Reflections from Cisco Live Melbourne: Innovation, Sustainability, and Connections

• FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

• Millions of Xfinity customers’ info, hashed passwords feared stolen in cyberattack

• Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

• Cisco Details AI Strategy for Simplifying Cybersecurity

• A Major Ransomware Takedown Suffers a Strange Setback

• Before you go away for Xmas: You’ve patched that critical Perforce Server hole, right?

• Learning To Use Web3: First Impressions

• Are you sure that online store is real? You might be surprised

• This AI can find your location just by looking at a few photos

• File Integrity Monitoring for PCI Compliance

• Play Ransomware Has Hit 300 Entities Worldwide: FBI

• EFACEC UC 500E

• US Gov Disrupts BlackCat Ransomware Operation; FBI Releases Decryption Tool

• AlphV/BlackCat ransomware gang’s websites seized, FBI releases decrypter

• Global malspam targets hotels, spreading Redline and Vidar stealers

• CISO (chief information security officer)

• ‘Tis the season where data theft is at an all-time high

• Randall Munroe’s XKCD ‘Puzzles’

• AlphV/BlackCat hits back as Feds offer decryptor to ransomware victims

• EFACEC BCU 500

• Open Design Alliance Drawing SDK

• Subnet Solutions Inc. PowerSYSTEM Center

• CISA Releases Seven Industrial Control Systems Advisories

• 10 Cybersecurity Trends That Emerged in 2023

• That time I broke into an API and became a billionaire

• The widening web of effective altruism in AI security | The AI Beat

• What Australia’s Digital ID Means to How Citizens Interact With Businesses Online

• Partnering for Purpose: A Year in Focus

• Cyberelements Launches Dedicated MSP Program

• Microsoft Introduces Enhanced Windows Protected Print Mode for Increased Security

• FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool

• Law Enforcement Confirms BlackCat Take Down, Decryption Key Offered to Victims

• Microsoft ChatGPT faces cyber threat for being politically biased

• Google To Pay $700m To Consumers In US Antitrust Settlement

• 12 Essential Steps Mac Users Need To Take At Year End

• hybrid cloud security

• AlphV/BlackCat hacked back as feds offer decryptor to ransomware victims

• Kraft Heinz Investigates Cybersecurity Threat

• Imperva Report Previously Undocumented 8220 Gang Activities

• Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims

• Behind the Scenes of Matveev’s Ransomware Empire: Tactics and Team

• Smishing Triad Targets UAE Residents in Identity Theft Campaign

• Foreign Actors Targeted 2022 US Elections, Intelligence Community Reveals

• Navigating eSIM Policies and Regulations

• Mr. Cooper Hackers Stole ~15 Million Users’ Data

• More Than 26,000 Vulnerabilities Discovered in 2023

• Japan Chip Equipment Maker Kokusai Expands In China

• TSMC Chair Mark Liu To Retire In 2024

• Apple To Pause Series 9, Ultra 2 Watch Sales In US

• Jack Ma-Backed Seafood Start-Up Begins Online Sales

• FBI Seizes Dark Web Domain of Blackcat – ALPHV Ransomware

• Tech Device Manufacturers Urged by CISA to Remove Default Passwords

• Sidewinder Hacker Group Using Weaponized Documents to Deliver Malware

• Hacktivists Shut Down Iran’s Gas Pumps

• Xfinity Customer Data Compromised In Attack Exploiting CitrixBleed Vulnerability

• Brazil’s First Lady To Sue Musk’s X Over Hacked Account

• New QakBot Phishing Campaign Appears After FBI Takedown

• Mr. Cooper Breach Affects 14.6 Million Customers

• Turngate Raises $5 Million to Shed Light on User Activity

• Here’s How to Avoid Falling for Costly Pig Butchering Scam

• 2023 Cyber Threats: 26,000+ Vulnerabilities, 97 Beyond CISA List

• 5 Fraud Prevention Strategies That Help Companies Ward Off Cyber Attacks

• Web injections are back on the rise: 40+ banks affected by new malware campaign

• NetworkSherlock Powerful Port Scanner With Shodan

• Get Ahead of the Game: Protecting Your Cloud Native Applications with CloudGuard CNAPP

• holistic (holistic technology)

• Beyond DLP: Embracing a Multi-Layered Strategy for Personal Data Security

• Wiz and Apiiro partner to provide context-driven security from code to cloud

• IaaS Security: Top 8 Issues & Prevention Best Practices

• 5 Major Cybersecurity Trends to Know for 2024

• SimSpace raises $45M to simulate tech stacks for cyber training

• Anti-ransomware startup Halcyon lands fresh $40M tranche

• The Rise in Attacks Requires Specialized Expertise – Breakaway 1=5

• Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts

• US and Australia Warn of Play Ransomware Threat

• Authorities claim seizure of notorious ALPHV ransomware gang’s dark web leak site

• CVE-2023-50164: A Critical Vulnerability in Apache Struts

• AI Coding Tools: How to Address Security Issues

• Fortinet enhances its OT security solutions and services

• Year in Malware 2023: Recapping the major cybersecurity stories of the past year

• “Get Paid to Like Videos”? This YouTube Scam Leads to Empty Wallets

• New SMTP Smuggling Attack Lets Hackers Send Spoofed Emails

• How To Protect RDP From Ransomware Attacks

• Comcast says hackers stole data of close to 36 million Xfinity customers

• A Dream Come True: My Journey to Africa as a Sea Turtle Conservation Volunteer

• 2022 Election Not Impacted by Chinese, Russian Cyber Activity: DOJ, DHS

• Every “Thing” Everywhere All at Once

• Smishing Triad: Cybercriminals Impersonate UAE Federal Authority for Identity and Citizenship on the Peak of Holidays Season

• OpenAI Is Not Training on Your Dropbox Documents—Today

• Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa

• Are We Ready to Give Up on Security Awareness Training?

• “Quishing” you a Happy Holiday Season

• Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability

• Hexnode offers patch management for Windows devices

• New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

• Apple Supplier Qorvo Sells China Plants To Luxshare

• Governments Issue Warning After Play Ransomware Hits Hundreds of Organizations

• Mr. Cooper Data Breach Impacts 14.7 Million Individuals

• SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)

• Mr. Cooper breach exposes sensitive info of over 14 million customers

• Cleafy improves banking security with real-time AI capabilities

• Massive Data Breach at Gokumarket: Over a Million Users’ Information Exposed

• Impact of Log4Shell Bug Was Overblown, Say Researchers

• Iranian Fuel Supplies Crippled By Cyber-Attack

• Over 14 Million Mortgage Customers Hit By Mr Cooper Breach

• Telcos Forced To Pause Switch To Digital Landlines For Vulnerable

• Hackers Actively Exploiting ActiveMQ Vulnerability to Install Malware

• The Current Challenges of Adopting Zero Trust and What You Can Do About Them

• The History of Patch Tuesday: Looking back at the first 20 years

• How Organizations Can Prevent Their Employees Falling for Cyber Scams

• Qakbot’s backbot: FBI-led takedown keeps crims at bay for just 3 months

• What Is Cloud Repatriation and Why Are Businesses Doing It?

• QakBot Malware Emerges with New Tactics, Attacking Hospitality Industry

• 8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

• 3 Strategic Insights from Cybersecurity Leader Study

• Cyber Attack news headlines trending on Google

• Vulnerability Summary for the Week of December 11, 2023

• The impact of prompt injection in LLM agents

• Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

• EMBA: Open-source security analyzer for embedded devices

• Ransomware trends and recovery strategies companies should know

• Most cloud transformations are stuck in the middle

• How to protect unmanaged devices in today’s zero-trust world

• Cybersecurity Career Pathways for Students

• Encouraging Ethical Hacking Skills in Students

• The ransomware attack on Westpole is disrupting digital services for Italian public administration

• Victory: Utah Supreme Court Upholds Right to Refuse to Tell Cops Your Passcode

• KubeCon 2023: Securing Software Delivery and Deployment

• Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo

Generated on 2023-12-20 23:55:47.578927