IT Security News Daily Summary 2024-01-13

• USENIX Security ’23 – Svetlana Abramova and Rainer Böhme – Anatomy of a High-Profile Data Breach: Dissecting the Aftermath of a Crypto-Wallet Case

• Microsoft is named a Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

• Unraveling CAPTCHA: A Comprehensive Insight Into Its History, Applications, and Efficiency

• Microsoft is named a Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

• GitLab fixed a critical zero-click account hijacking flaw

• Toronto Zoo Suffers a Ransomware Attack

• Driving into Tomorrow: The AI powered Car Takeover

• Wordfence Intelligence Weekly WordPress Vulnerability Report (January 1, 2024 to January 7, 2024)

• Embracing a Passwordless Future: Navigating the Shift to Decentralized Security in 2024

• Crypto Enthusiasts Embrace New Frontier: Investing in Bitcoin ETFs Explained

• Unlocking the Secrets of Data Privacy: Navigating the World of Data Anonymization: Part 2

• A Bloody Pig Mask Is Just Part of a Wild New Criminal Charge Against eBay

• Cybersecurity Risk to Banking Sector a Significant Challenge: RBI Governor

• Web Server Penetration Testing Checklist – 2024

• Most Important Web Server Penetration Testing Checklist

• Microsoft is named a Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

• Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

• 29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

• Adding OpenSSL Generated Certificates to Your Server: A Comprehensive Guide

• 7 Steps to Build a Defense in Depth Strategy for Your Home

• Zombie APIs: The Scariest Threat Lurking in The Shadows?

• Microsoft is named a Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

• Lessons from SEC’s X account hack – Week in security with Tony Anscombe

• Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in

• Webinar: Solving the Bi-Directional Sync Problem with Microsoft Sentinel and D3 Smart SOAR

• How enterprises are using gen AI to protect against ChatGPT leaks

• Why we update… Data-thief malware exploits SmartScreen on unpatched Windows PCs

• This is why we update… Data-thief malware exploits unpatched Windows PCs

• Getting Real About Ransomware

• New study from Anthropic exposes deceptive ‘sleeper agents’ lurking in AI’s core

• Cyber Security Today, Week in Review for Friday, Jan. 12, 2024

• IT Security News Daily Summary 2024-01-12

• Newly Discovered Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems

• tunneling or port forwarding

• Juniper Networks fixed a critical RCE bug in its firewalls and switches

• Australia slams Twitter (now X) for 80% cut in trust and safety engineers

• Top cyberthreats for 2024

• Safeguard your heart and personal info this cuffing season

• Randall Munroe’s XKCD ‘Like This One’

• USENIX Security ’23 – Guanhong Tao, Shengwei An, Siyuan Cheng, Guangyu Shen, Xiangyu Zhang – Hard-Label Black-Box Universal Adversarial Patch Attack

• Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew

• Why is the iPhone Force Restart Not Working?

• How To Access Your Photos On iCloud

• How to See Who Blocked You on Facebook

• How to Recover an Unsaved Excel File

• YouTube Not Working on iPhone? Here’s How to Fix It

• How to Stop Your X Account From Getting Hacked Like the SEC’s

• Secret multimillion-dollar cryptojacker snared by Ukrainian police

• 5 Free Online Brand Protection Software Tools: Pros and Cons

• Texas School Safety Software Data Leak Endangers Student Safety

• Grow and Differentiate Your Business with Expanded Managed Security Solutions

• USENIX Security ’23 – Shibo Zhang, Yushi Cheng, Wenjun Zhu, Xiaoyu Ji, Wenyuan Xu – CAPatch: Physical Adversarial Patch against Image Captioning Systems

• Before starting your 2024 security awareness program, ask these 10 questions

• Palo Alto Networks Recognized as a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms (EPP)

• Brad Arkin is New Chief Trust Officer at Salesforce

• Growing Concerns Regarding The Dark Side Of A.I.

• Al Gore Steps Down From Apple Board, Due To Age

• FCC Asks Carmakers, Carriers How They’re Protecting Abuse Survivors

• Optimizing Education: Unleashing the Potential of Artificial Intelligence in the Classroom

• Which is Better: VPN or Microsoft Security Service Edge (SSE)?

• Mandiant suffers phishing attack on its X Account and exposes CLINKSINK malware

• Most Businesses Lack Confidence In Ability To Overcome Cyberattacks

• Stay protected online with the ESET NOD32 2024 antivirus software for $25

• An Introduction to AWS Security

• 6 Best Cloud Log Management Services in 2024 Reviewed

• Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach

• Ivanti VPN Zero-Day Combo Chained ‘by China’

• The future may be passwordless, but it’s not here yet

• 7 Best VPNs for iPhone in 2024

• Framework says hackers accessed customer data after phishing attack on accounting partner

• Secure network operations for hybrid working

• CISA Urges Critical Infrastructure to Patch Urgent ICS Vulnerabilities

• Hackers can hijack your Bosch Thermostat and Install Malware

• WordPress Plugin Flaw Exposes 300,000+ to Hack Attacks

• Splunk Patched Critical Vulnerabilities in Enterprise Security

• The Essential Guide To Effective Software Testing

• Alert! Fake Recruiters on Facebook: Unmasking Remote Jobs SCAM – Protection

• In Other News: WEF’s Unsurprising Cybersecurity Findings, KyberSlash Cryptography Flaw

• Improving Cybersecurity Response With Open Source Endpoint Visibility

• North Korean Hacking Outfit Lazarus Siphons $1.2M of Bitcoin From Coin Mixer

• Akira ransomware attackers are wiping NAS and tape backups

• Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion

• Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

• Waiting for Your Pay Raise? Cofense Warns Against HR-Related Scams

• Is Open Source More Risk than Reward?

• ThreatCloud AI Wins 2024 BIG Innovation Award

• So, are we going to talk about how GitHub is an absolute boon for malware, or nah?

• The State of Open Source Cloud-Native Security

• Connected Tools, Connected Risks: Cybercriminals Use Wrenches as Gateways to Ransomware

• Cyber Security Today, Jan. 12, 2024 – A Chinese hacking group’s reach may be bigger than we thought

• Amazon Cuts Staff In Audible, Prime Video and MGM Studio Divisions

• Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467

• Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election

• Russian Hackers Likely Not Involved in Attacks on Denmark’s Critical Infrastructure

• New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise

• Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO

• Financial Fraud APK Campaign

• Incident response: How to implement a communication plan

• Data regulator fines HelloFresh £140k for sending 80M+ spams

• Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout

• Apple Patches Keystroke Injection Vulnerability in Magic Keyboard

• Three Tips To Use AI Securely at Work

• Critical GitLab flaw allows account takeover without user interaction, patch quickly! (CVE-2023-7028)

• Being PCI DSS certified

• Closed Door Security Becomes Scotland’s First Chartered Cyber Security Business

• Qbot Malware Via FakeUpdates Leads the Race of Malware Attacks

• How finops can make the cloud more secure

• Hathway – 4,670,080 breached accounts

• Team Liquid’s wiki leak exposes 118K users

• Vulnerability Puts Bosch Smart Thermostats at Risk of Compromise

• Do More with Security Orchestration, Automation, and Response (SOAR)

• Behavox Intelligent Archive simplifies operations for the unified tech stack

• Human Error and Insiders Expose Millions in UK Law Firm Data Breaches

• While we fire the boss, can you lock him out of the network?

• HackerOne collaborates with Semgrep to streamline code review for modern development

• Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

• CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

• Securing Crypto Journeys: Advancing Security Measures in Coin Swapping

• Drivers: We’ll take that plain dumb car over a flashy data-spilling internet one, thanks

• Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

• Why is my SSL expiring every 3 months?

• Hackers Actively Exploited 2 Ivanti Zero-Day to Execute Arbitrary Commands

• Hyundai Motor India fixes bug that exposed customers’ personal data

• Ransomware wiping out data on tape backups and malware hitting MYSQL Servers

• A simple guidance on obtaining effective endpoint security

• Cloud security predictions for 2024

• Cyber budgets and the VC landscape in 2024

• New infosec products of the week: January 12, 2024

• Man Is Suing Facebook, 27 Women For “Are We Dating The Same Guy” Facebook Group

• Windows Computer Hit with AgentTesla Malware to Steal Data

• Canadian Cyber Centre now ranks threats with SecurityScorecard solution

• AgentTesla Malware Attacking Windows Machine to Steal Sensitive Data

• Using the Knowledge Store on Cisco Observability Platform

• Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation

Generated on 2024-01-13 23:55:52.401273