IT Security News Daily Summary 2024-01-05

• Friday Squid Blogging—18th Anniversary Post: New Species of Pygmy Squid Discovered

• What Is a Firewall Policy? Steps, Examples & Free Template

• After crippling cancer hospital with ransomware, crims threaten to swat patients

• How to Build a Phishing Playbook Part 2: Wireframing

• AI and Cybersecurity in 2024: What’s Changing and Why It Matters

• AI Watermarking Won’t Curb Disinformation

• EFF Urges Pennsylvania Supreme Court to Find Keyword Search Warrant Unconstitutional

• How to create an incident response playbook

• Signal, AI Generated Art Least, Amazon, Facebook Most Invasive Apps, Study

• The best travel VPNs of 2024: Expert tested and reviewed

• The best VPN for streaming in 2024

• Mimecast Acquires Elevate Security to Personalize Controls

• 7 keys to an effective hybrid cloud migration strategy

• Strong Encryption Explained: 6 Encryption Best Practices

• USENIX Security ’23 – Sharbani Pandit, Krishanu Sarker, Roberto Perdisci, Mustaque Ahamad, Diyi Yang – ‘Combating Robocalls With Phone Virtual Assistant Mediated Interaction’

• Nest Wallet CEO Loses $125,000 in Wallet Draining Scam

• Hackers Leak 50 Million Records in ‘Free Leaksmas’ Spree

• U.S DOE Announces $70 Million Funding for Improving

• IoT Security in the Age of Cyber Threats

• Law Firm Orrick Reveals Extensive Data Breach, Over Half a Million Affected

• Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved

• SpectralBlur: New macOS Backdoor Threat from North Korean Hackers

• Data Breached firm blames customers for reusing passwords

• The source code of Zeppelin Ransomware sold on a hacking forum

• 19 xDedic Cybercrime Market Users and Admins Face Prison

• EU’s Antitrust Head To Meet Tech CEOs Next Week

• Alert: BlackSuit Ransomware Strikes US Schools – Defend With These Security Measures

• In Other News: US Ransomware Attacks, 23andMe Blames Victims, Nuclear Waste Hacking Attempt

• Cyber-Attacks Drain $1.84bn from Web3 in 2023

• Terrorism Tsar Warns Of AI Chatbot Radicalisation Risk

• 23andMe Told Victims Of Data Breach That Suing Is Futile, Letters Shows

• Google Chrome Starts Blocking Data Tracking Cookies

• Ukraine: Russia Hacked Webcams To Aid Missile, Drone Strikes On Kyiv

• A Heimdal MXDR Expert on Incident Response Best Practices and Myth Busting

• BreachForums boss busted for bond blunders – including using a VPN

• Open AI Moves to Minimize Regulatory Risk on Data Privacy in EU

• Unveiling Free VPN Risks: Protecting Online Privacy and Security

• AI and ML — The Keys to Modernizing the SOC

• New ‘SpectralBlur’ macOS Backdoor Linked to North Korea

• Wordfence Intelligence Weekly WordPress Vulnerability Report (December 18, 2023 to December 31, 2023)

• How To Use AzureSignTool to Sign Executables With Azure DevOps

• IoT – The key to connected care excellence

• Best of 2023: Enterprises Are Getting Better at Breach Prevention. But Attackers Are Getting Better, Too.

• How a Regional Credit Union Reinvented Email Security with Votiro Cloud

• SpaceX Sues US Agency That Alleged Illegal Firings

• Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

• US Says 19 People Charged Following 2019 Takedown of xDedic Cybercrime Marketplace

• Cyber Security Today, Jan. 5, 2023 – 23andMe blames poor user password practices for a data breach

• Lost and found: How to locate your missing devices and more

• How to Be More Anonymous Online

• Ivanti Patches Critical Vulnerability in Endpoint Manager

• NIST Fortifies Chatbots and Self-Driving Cars Against Digital Threats

• Ivanti fixed a critical EPM flaw that can result in remote code execution

• SessionGuardian Mobile delivers identity assurance and data protection for iOS mobile devices

• Tackling Anti-Analysis Techniques of GuLoader and RedLine Stealer

• Russia Hacked Residential Cameras in Ukraine to Spy on Air Defense, Critical Infrastructure

• Energy Department Offering $70 Million for Security, Resilience Research

• Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities

• Singapore telcos to let subscribers block international calls in new anti-scam measure

• MyEstatePoint Property Search Android app leaks user passwords

• 23andMe shifts blame to users for data breach

• 23andMe Blames User “Negligence” for Data Breach

• 3 New Malicious PyPI Packages Found Installing CoinMiner on Linux Devices

• UAC-0050 Group Using Remcos RAT to Attack Government Agencies

• Widespread Vulnerability in SSH Servers: The Terrapin Attack Threat

• Vigilant Ops Raises $2 Million for SBOM Management Platform

• Exposed Secrets are Everywhere. Here’s How to Tackle Them

• $22 Million Wake-up Call to Improve Security

• Russian Hackers Had Covert Access to Ukraine’s Telecom Giant for Months

• Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution

• Sandworm’s Kyivstar attack should serve as a reminder of the Kremlin crew’s ‘global reach’

• How Can Data Breach Be A Trouble For Your Industry?

• FBI says Capitol Bomb Threat hackers are hard to identify

• What is the qualification to become a Cybersecurity Analyst

• January 2024 Patch Tuesday forecast: A Focus on Printing

• New Bandook RAT Variant Resurfaces, Targeting Windows Machines

• Artificial Deception: The State Of “AI” In Defense and Offense

• Master Security by Building on Compliance with A Risk-Centric Approach

• Charting a Trustworthy AI Journey

• Escalating cyber threats: Bots, fraud farms, and cryptojacking surge, urgently requiring attention

• Breaking down the state of authentication

• Budget cuts take a toll on IT decision makers’ mental health

• Cybersecurity Challenges in Remote Learning

• Online Assessment Security Best Practices for Educators

• Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool

• IT Security News Daily Summary 2024-01-04

• Facebook Suspends Then Reinstates Popular Conservative Account

• Ransomware gang starts leaking data stolen from Quebec university

• Survey Surfaces Lack of Confidence in Existing Cybersecurity Tools

• X-ploited: Mandiant restores hijacked Twitter account after attempted crypto heist

• 23andMe blames its users for the massive data breach

• 10 of the biggest zero-day attacks of 2023

• USENIX Security ’23 – Sathvik Prasad, Trevor Dunlap, Alexander Ross, Bradley Reaves – ‘Diving into Robocall Content With SnorCall’

• SentinelOne Acquires PingSafe to Advance CNAPP Ambitions

• The best VPN trials of 2024

• The best Bluetooth trackers of 2024

• X marks the spot: Mandiant restores hijacked Twitter account after attempted crypto heist

• 8 hybrid cloud security challenges and how to manage them

• Legendas.TV – 3,869,181 breached accounts

• Netography Fusion Expands Microsoft Integrations for Greater Context Enrichment and Faster Compromise Detection

• Intel Spins Off Enterprise Generative AI Deployment Firm Articul8

• 8 Types of Firewalls Explained & When to Use Each

• Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

• EFF Asks Court to Uphold Federal Law That Protects Online Video Viewers’ Privacy and Free Expression

• Randall Munroe’s XKCD ‘2024’

• Apple Watch Credited With Saving Woman’s Life After Poisoning

• Meta tracks your Facebook link history, but now you can opt out

• Infosec experts divided over 23andMe’s ‘victim-blaming’ stance on data breach

• To Beat Russia, Ukraine Needs a Major Tech Breakthrough

• HealthEC data breach impacted more than 4.5 Million people

• Mimecast Acquires User Education Startup Elevate Security

• Ontario healthcare providers now face possible fines for ‘severe’ data privacy violations

• Mitsubishi Electric Factory Automation Products

• Rockwell Automation FactoryTalk Activation

• CISA Releases Three Industrial Control Systems Advisories

• Law firm that handles data breaches was hit by data breach

• The Biggest Tech Talent Gap Can Be Found in the SAP Ecosystem

• Cryptocurrency wallet CEO loses $125,000 in wallet-draining scam

• Software supply chain security remains a challenge for most enterprises

• Q&A: Supporting SOC Teams and Avoiding Burnout

• Enhancing Web Security: NSFOCUS WAF Integration Solutions

• Embattled LastPass Enforcing 12-Character Passwords for All

• LastPass Enforces 12-Character Master Passwords

• Biden Admin To Award $162m To Microchip Tech For US Chip Production

• Ukraine Blames Russian Sandworm Hackers for Kyivstar Attack

• SentinelOne acquires PingSafe

• Create a Registration API in 15 minutes

• Experts found 3 malicious packages hiding crypto miners in PyPi repository

• Major Data Breach at HealthEC Affects Millions

• Microsoft To Add Copilot Key To Windows PC Keyboards

• Google Chrome Use After Free Flaw Let Attacker Hijack Browser

• IT and OT cybersecurity: A holistic approach

• Airbus Offering to Buy Atos Cybersecurity Unit for Up to $2 Billion

• Google Patches Six Vulnerabilities With First Chrome Update of 2024

• Fortifying iPhone Security: Stolen Device Protection & Essential Tips Amid Rising Theft Concerns

• SaaS Challenges and How to Overcome Them

• Ahmedabad Creates History as India’s First City With AI-Linked Surveillance System

• Cyber Security Today, January 3, 2024 – Prepare for upcoming privacy legislation

• Free Decryptor Tool Released for the Black Basta Ransomware

• Black Basta Buster Utilizes Ransomware Flaw to Recover Files

• 23andMe: It’s YOUR Fault We Lost Your Data

• Using Stronger Passwords Among Top 2024 Digital Resolutions

• Unveiling the Power of NFC Technology: Transforming Connectivity in the Digital Era

• Mandiant regains control of X/Twitter account

• Avast researchers detect a surge in fake e-shops following holidays

• Estes Express Lines Says Personal Data Stolen in Ransomware Attack

• Beyond Protocols: How Team Camaraderie Fortifies Security

• 4.5 Million Individuals Affected by Data Breach at HealthEC

• With Deepfakes on Rise, Where is AI Technology Headed?

• Intellicheck announces Identity Platform advancements

• HealthEC Data Breach Impacts 4.5 Million Patients

• LastPass is enforcing some security changes to user accounts

• Apple Settles Lawsuit Concerning iTunes Gift Card Scam

• CISA Warns of Exploited Vulnerabilities in Chrome and Excel Parsing Library

• Zero Trust in API Management

• Mastering the Art of Cyber Resilience in Operational Technology

• Millions Still Haven’t Patched Terrapin SSH Protocol Vulnerability

• SRLabs Develops Black Basta Ransomware Decryptor

• Estes Express Lines Says Personal Data Stolen In Ransomware Attack

• Hacked Mandiant X Account Abused For Cryptocurrency Theft

• Infostealer malware, weak password leaves Orange Spain RIPE for plucking

• Best of 2023: Best online .apk virus scanners – Hackernet

• A Delhi Lawyer’s Encounter Exposes Hidden Perils of SIM Swap Scam

• Three Ways To Supercharge Your Software Supply Chain Security

• Resecurity Identifies AI Tool Being Used to Compromise Business Email

• Hackers turn to generative AI to commit crime

• SpaceX Illegally Fired Staff Critical Of Elon Musk, Says US Agency

• Four Cyber Criminals Convicted of Spreading ChatGPT-Assisted Ransomware

• Crooks hacked Mandiant X account to push cryptocurrency scam

• As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?

• Hacked Mandiant X Account Abused for Cryptocurrency Theft

• Identity Crisis: 14 Million Individuals at Risk After Mortgage Lender’s Data Breach

• Over 1800 global banking apps targeted by 29 malware variants

• Xerox Axes 15 Percent Of Workforce, Admits ‘Cyber Incident’

• X Account of Google Cybersecurity Firm Mandiant Hacked in Crypto Scam

• Don’t get hacked! Apply the right vulnerability metrics to Kubernetes scans

• Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners

• This company says AI can help design sustainable smart home appliances

• Industrial Defender Risk Signal integrates threat intelligence and business context

• Experts Clash Over Ransomware Payment Ban

• Active Directory Infiltration Methods Employed by Cybercriminals – ASEC Report

• Three Chinese balloons float near Taiwanese airbase

• SentinelOne acquires PingSafe to expand cloud security capabilities

• Nigerian Faces $7.5m BEC Charges After Charities Are Swindled

• OpenSSL 3.1 FIPS Module Has Been Submitted for Validation

• UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT

• Securing Gold: Assessing Cyber Threats on Paris 2024

• Wireshark 4.2.1 Released: What’s New!

• WinRAR Flaw: LONEPAGE Malware Strikes Ukrainian Firms

• Mandiant’s Twitter Account Restored After Six-Hour Crypto Scam Hack

• DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts

• The dynamic relationship between AI and application development

• 15 open-source cybersecurity tools you’ll wish you’d known earlier

• EdTech Evaluation: Choosing Secure Educational Software

• Five New Year Resolutions to Secure Your Data in 2024

• Consumers prepared to ditch brands after cybersecurity issues

• The state of container security: 5 key steps to locking down your releases

• Democracy 2024: Stakes vs. Horses

• Mandiant loses control of X/Twitter account

• Building a Culture of Digital Responsibility in Schools

• Microsoft kills off Windows app installation from the web, again

• USENIX Security ’23 – Bingyu Shen, Tianyi Shan, Yuanyuan Zhou – ‘Improving Logging to Reduce Permission Over-Granting Mistakes’

Generated on 2024-01-05 23:55:54.364177