IT Security News Daily Summary 2024-02-02

• Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware

• San Francisco Police’s Live Surveillance Yields Almost 200 Hours of Spying–Including of Music Festivals

• Taylor Swift is not the first victim of AI: Decoding the deepfake dilemma

• Botnet Struck U.S. Routers. Here’s How to Keep Employees Safe

• Blackbaud settles with FTC after that IT breach exposed millions of people’s info

• Botnet Struck U.S. Routers; Here’s How to Keep Employees Safe

• David Kahn

• USENIX Security ’23 – Anrin Chakraborti, Duke University; Darius Suciu, Radu Sion – Wink: Deniable Secure Messaging

• Cyber Security Today, Week in Review for the week ending Feb. 2, 2024

• GenAI development should follow secure-by-design principles

• Operation Synergia led to the arrest of 31 individuals

• US Slaps Sanctions on ‘Dangerous’ Iranian Hackers Linked to Water Utility Hacks

• Survey Surfaces Raft of Cloud Security Challenges

• Cloudflare discloses breach related to stolen Okta data

• USENIX Security ’23 – David Balbás, Daniel Collins, Serge Vaudenay – Cryptographic Administration for Secure Group Messaging

• Daniel Stori’s ‘bash-gpt’

• Critical vulnerability in Mastodon is pounced upon by fast-acting admins

• Layoffs Hit Security Vendors Okta, Proofpoint, Netography

• Increasing Number of Ransomware Targets Opting Against Ransom Payments

• Mispadu Stealer’s New Variant Targets Browser Data of Mexican Users

• Top 4 Developer Takeaways From the 2024 Kubernetes Benchmark Report

• Cloudflare Falls Victim to Cyberattack Leveraging Credentials from Okta Breach

• Mother of all Breaches may contain NEW breach data

• Tax season is here, so are scammers

• “You have blood on your hands.” Senate Committee calls for action by social media giants to protect children online

• FBI removes malware from hundreds of routers across the US

• CISA: Disconnect vulnerable Ivanti products TODAY

• Akira Ransomware Unleashes Cyber Storm: Targets North American Companies

• Cisco User Protection Suite Provides MSSPs a Comprehensive and Compelling Package

• Is Your Gadget Secretly a Security Risk?

• Mark Zuckerberg Apologizes to Families in Fiery US Senate Hearing

• Critical Windows Event Log Vulnerability Uncovered: Enterprise Security at Risk

• FTC Orders Blackbaud to Address Poor Security Practices

• Clorox Says Cyberattack Costs Exceed $49 Million

• Cyber Attack news headlines trending on Google

• Redefining the IT war room with end-to-end observability

• Microsoft Ditches C# for Rust: M365 Core Gets Safety and Perf Boosts

• Tories again cause testimony on proposed cybersecurity bill to be shortened

• Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

• Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

• Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

• Teen Chatting App Wizz Removed from Apple and Google Stores for Sextortion Concerns

• Tesla To Settle California’s Hazardous Waste Lawsuit

• Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

• DraftKings Hacker Sentenced to 18 Months in Prison

• Credential Harvesting Vs. Credential Stuffing Attacks: What’s the Difference?

• Apple Raises Concerns Over UK’s Ability to ‘Secretly Veto’ Global Privacy Tools

• Cohesity Research Shows That Most Firms Break Their “Do Not Pay” Policies by Paying Millions in Ransoms

• AI Takes Center Stage: Microsoft’s Bold Move to Unparalleled Scalability

• Teen Dating App Wizz Removed from Apple and Google Stores for Sextortion Concerns

• Meta Pleases As ‘Year Of Efficiency’ Pays Off With FY23 Results

• New Android Malware on Google Play Disguised as Messaging or News Apps

• FritzFrog Botnet Attacking Linux Servers to Steal SSH Credentials

• Simplifying Data Management for Technology Teams With HYCU

• How audio-jacking using gen AI can distort live audio transactions

• Romance Scam Victims Surge in 2023

• FTC orders Blackbaud to overhaul ‘reckless’ security practices in wake of 2020 breach

• Biden to Veto Attempt to Overturn SEC Cyber Incident Disclosure Rules

• 31 People Arrested in Global Cybercrime Crackdown

• Security Leaders, C-Suite Unite to Tackle Cyberthreats

• Cyber Security Today, Feb. 2, 2024 – AI fakes are making trouble for facial recognition logins, and more

• DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking

• Cloudflare Hacked After State Actor Leverages Okta Breach

• DLP: AI-Based Approach

• From Chaos to Control: Nurturing a Culture of Data Governance

• Interpol’s latest cybercrime intervention dismantles ransomware, banking malware servers

• Essential Business Continuity Requires Application Resilience

• Apple Lowers iPhone Forecast, As Tim Cook Touts ‘AI Announcement’

• Digital Transformation in Engineering: A Journey of Innovation in Retail

• November 2023 Cyber Attacks Statistics

• Netherlands Fines Uber Over Data Protection

• Cloudflare Hacked by Suspected State-Sponsored Threat Actor

• Cloudflare breached on Thanksgiving Day, but the attack was promptly contained

• Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security

• Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents

• Cloudflare Suffers Breach After Failing to Rotate Stolen Okta Credentials

• Exploring the Latest Mispadu Stealer Variant

• Ex-CIA Computer Engineer Gets 40 Years in Prison for Giving Spy Agency Hacking Secrets to WikiLeaks

• INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs

• PurpleFox malware infected at least 2,000 computers in Ukraine

• Verimatrix partners with AWS to increase reliability for OTT content security

• LockBit Reigns Supreme in Soaring Ransomware Landscape

• Leveraging AI for Advanced SIEM: A New Era in Cybersecurity

• What is Mark Zuckerberg preparing for?

• State-of-the-Art Redis Malware Bypasses Security Solutions to Hack Servers

• How Does Cybersecurity Services Prevent Businesses From Cyber Attacks?

• Ivanti discloses 2 New zero-days, one already under exploitation

• Shifting Left Means Shifting Smart: Managing Software Risk With ASPM

• Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs

• Change Your Password Day professes a cybersecurity message

• Benefits on sharing cyber attack information

• Dynamic capa: Exploring Executable Run-Time Behavior with the CAPE Sandbox

• DDoS attack power skyrockets to 1.6 Tbps

• New infosec products of the week: February 2, 2024

• NIS2 Directive raises stakes for security leaders

• Cybersecurity in the Internet of Things (IoT) Era

• EU adopts first cybersecurity certification scheme for safer tech

• Crowdsourced security is not just for tech companies anymore

• Wikileaks source and former CIA worker Joshua Schulte sentenced to 40 years jail

• 3 new ways the Microsoft Intune Suite offers security, simplification, and savings

• Connect with Microsoft at these cybersecurity events in 2024

• Malicious logins from suspicious infrastructure fuel identity-based incidents

• Albania’s Institute of Statistics Suffers Cyberattack, Some Systems Affected

• Managing the hidden risks of shadow APIs

• How to Clean Your Charging Port in 5 Easy Steps

• The Evolution of Cyber Threats: Past, Present, and Future

• Cloudflare sheds more light on Thanksgiving security breach in which tokens, source code accessed by suspected spies

• Frog4Shell ? FritzFrog Botnet Adds One-Days to Its Arsenal

• Meet the UC Berkeley professor tracking election deepfakes

• 3.5M exposed in COVID-19 e-passport leak

• Diving into the 2024 Security Megatrends

• USENIX Security ’23 – Cas Cremers, Charlie Jacomme, Aurora Naska – Formal Analysis of Session-Handling in Secure Messaging: Lifting Security from Sessions to Conversations

• Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping

• IT Security News Daily Summary 2024-02-01

• Anonymous Sudan Claims DDOS Attacks on UAE’s Flydubai Airline

• The Mystery of the $400 Million FTX Heist May Have Been Solved

• Facebook Founder Zuckerberg Appears Before Congress And Apologizes For Harm To Children

• The $400 Million FTX Heist Mystery May Have Been Solved

• CISA Hosts Second Cyber Resilient 911 Symposium

• FBI Disrupts Chinese State-Backed Volt Typhoon’s KV Botnet

• Legal and Compliance Considerations in Cloud Computing

• CISA orders federal agencies to disconnect Ivanti VPN instances by February 2

• Critical infrastructure hacks raise alarms on Chinese threats

• Heimdal Partners with Jupiter Technology to Distribute Cybersecurity Solutions in Japan

• UN Cybercrime Treaty Could Endanger Web Security

• The many ways electric cars are vulnerable to hacks, and whether that matters in a real-world

• Tesla Sued By Californian Counties Amid Hazardous Waste Allegations

• ANY.RUN Sandbox Now Let SOC & DFIR Teams Analyze Sophisticated Linux Malware

• Arrests in $400M SIM-Swap Tied to Heist at FTX?

• Biden will veto attempts to kill off SEC’s security breach reporting rules

• Rise of deepfake threats means biometric security measures won’t be enough

• How attractive are our Canadian cities to cybersecurity professionals – and why does it matter?

• Google Signs Major Offshore Wind Deal

• Hackers Uncover Airbus EFB App Vulnerability, Risking Aircraft Data

• Game on: Level up your AI knowledge with Cisco U.

• Optimize Control Health Management Across Business Levels: Introducing Scopes

• Telegram is a Wide-Open Marketplace for Phishing Tools

• Here is Apple’s official ‘jailbroken’ iPhone for security researchers

• US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech

• A Startup Allegedly ‘Hacked the World.’ Then Came the Censorship—and Now the Backlash

• AVEVA Edge products (formerly known as InduSoft Web Studio)

• Gessler GmbH WEB-MASTER

• CISA Releases Two Industrial Control Systems Advisories

• Biden will veto attempts to rip up SEC breach reporting rule

• Mercedes-Benz Accidentally Reveals Secret Code

• Unprecedented Data Breach Exposes Personal Information of Millions in India

• Top 8 cloud IAM best practices to implement

• Retail Tech Deep-Dive: Webex Connect

• CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products

• FBI Warning: China Will Hack US Infra. (via Router Botnet)

• Proposed Canadian AI law is like a race car without an engine, expert tells Parliamentary committee

• US Agencies Failure to Oversee Ransomware Protections Threaten White House Goals

• Third Of European Businesses Have Adopted AI, Says AWS

• The Power and Limitations of AI in Cybersecurity

• Hundreds of Network Operators’ Credentials Compromised on Dark Web

• FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network

• Wordfence Intelligence Weekly WordPress Vulnerability Report (January 22, 2024 to January 28, 2024)

• FTC issues ban on location data and bars information brokers from duties

• Cisco AppDynamics observability solutions help partners expand their business

• Imperva uncovers new Indicators of Compromise for FBI and CISA-flagged AndroxGh0st botnet

• Optimizing Data Lakes: Streamlining Storage with Effective Object Management

• Watch: Top Cyber Officials Testify on China’s Cyber Threat to US Critical Infrastructure

• ‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others

• Interpol-Led Initiative Targets 1300 Suspicious IPs

• Shareholders To Vote On Tesla Move To Texas, After Delaware Ruling

• UK Police Holding Bitcoin Worth £1.4 Billion – Report

• The Multicloud Landscape: Global Trends, Sovereignty, and Cisco’s Strategic Support

• The State of Ransomware 2024

• Aim Security to Limit Exposure of Sensitive Data to Generative AI Services

• FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

• Pump-and-Dump Schemes Make Crypto Fraudsters $240m

• Okta lays off 400 employees — almost exactly a year after last staff cuts

• What is HTTP Request Smuggling and HTTP/2 Downgrading?

• Top 11 Privileged Access Management Solutions (2024)

• Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping

• Qualys enhances CyberSecurity Asset Management to discover risky unmanaged devices

• Graylog API Security enables organizations to identify and classify APIs

• Fake Voicemail as Credential Harvesting Lure

• Generative AI is the Pride of Cybercrime Services

• LockBit shows no remorse for ransomware attack on children’s hospital

• Biden Will Veto Efforts to Spike SEC Breach Disclosure Rule

• AI Poison Pill App Nightshade Received 250K Downloads in Five Days

• Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

• Google’s Bazel Exposed to Command Injection Threat

• Short, Mid and Long-Term Impacts of AI in Cybersecurity

• At Least 30 Journalists, Lawyers and Activists Hacked With Pegasus in Jordan, Forensic Probe Finds

• New York Sues Citibank Over Poor Data Security

• Three Compliance Management Solutions for Technology Decision-Makers

• Is Your Remote Workforce Truly Safe? Three Reasons Zero-Trust is the Answer

• FBI disrupts Chinese botnet used for targeting US critical infrastructure

• Secureworks Threat Score reduces alert noise and time to respond

• The Cost of Not Conducting a Network Infrastructure Risk Assessment: A Costly Gamble

• Cisco Revolutionizes Networking with Pay-As-You-Go for Equinix Network Edge and Equinix Fabric

• Interview: Former FBI Analyst on the CJIS MFA Mandate & Duo

• 10 Best Privileged Identity Management Tools (2024)

• Huber Heights Under Siege: Ransomware Attack Hits 5,000+ Residents

• The Dual Landscape of LLMs: Open vs. Closed Source

• US Thwarts Volt Typhoon Cyber Espionage Campaign Through Router Disruption

• Ripple Co-Founder’s Personal XRP Wallet Breached in $112 Million Hack

• Pawn Storm APT Launch Hash Relay Attacks on Government Departments

• Grandoreiro Banking Malware Infrastructure Seized by Authorities

• U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers

• Mark Zuckerberg Apologises To Parents At Senate Hearing

• Audio-jacking: Using generative AI to distort live audio transactions

• Protecting Critical Infrastructure from Cyber Attack

• Ruthless Prioritization Is a Myth: Aim For Risk-Less Prioritization Instead

• Ditch the Worry – Switch to Secure WhatsApp Alternative

• Why Are Cybersecurity Automation Projects Failing?

• Johnson Controls Ransomware Attack: Data Theft Confirmed, Cost Exceeds $27 Million

• Strengthening Cybersecurity in Local Government: How to Protect Networks Amid an Epidemic

• BackBox introduces ZTNO to automate zero trust security for network operations

• Dynatrace provides end-to-end observability of AI applications

• HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

• Why the Right Metrics Matter When it Comes to Vulnerability Management

• Hiring Kit: Cyber Threat Hunter

• Mobile Device Security Policy

• TechRepublic Premium Editorial Calendar: Policies, Checklists, Hiring Kits and Glossaries for Download

• Multiple malware used in attacks exploiting Ivanti VPN flaws

• Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation

• CISA and FBI Warn of AndroxGh0st Malware Threat

• Salt Security Joins AWS Lambda Ready Program

• Threat actor used Vimeo, Ars Technica to serve second-stage malware

• Two Ivanti Zero-Day Vulnerabilities Demand Immediate User Attention

• Protect AI acquires Laiyer AI to extend company’s AI/ML security capabilities

• Managing Financial Crime Risks in Digital Payments

• Streamlining the Cybersecurity Maturity Model Certification (CMMC)

• The True Cost of Employee Fraud

• Ivanti Releases Zero-Day Patches and Reveals Two New Bugs

• Unveiling the intricacies of DiceLoader

• Hackers Started using Python for Developing New Ransomware

• ESET Research Podcast: ChatGPT, the MOVEit hack, and Pandora

• Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

• CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS

• Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities

• ESG Research Unearths Critical Insights for Future-Proofing Encryption and Key Management

• Mercedes-Benz Source Code Leaked via mishandled GitHub token

• Can cyber attacks cause societal panic in America

• Zero trust implementation: Plan, then execute, one step at a time

• Custom rules in security tools can be a game changer for vulnerability detection

• CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS

• Payment fraud is hitting organizations harder than ever before

• Third-Party Cybersecurity Risk Management: A Short Guide for 2024

• CVEMap: Open-source tool to query, browse and search CVEs

• Unpacking the challenges of AI cybersecurity

• Artificial Intelligence in Business: Challenges and Benefits

• Infosec products of the month: January 2024

• Navigating the Cyber security Maze for Small and Medium Business: How Quantum Spark 1900 & 2000 are Reshaping Security for SMBs and MSPs

• US Says It Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans

• US Says it Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans

• YouTube, Discord, and ‘Lord of the Rings’ Led Police to a Teen Accused of a US Swatting Spree

• Congress told how Chinese attackers plan to incite ‘societal chaos’ in the US

• YouTube, Discord, and ‘Lord of the Rings’ Led Police to a Teen Accused of a US Swatting Spree

• New Technology for an Old Industry – Coffee and Conversations podcast

• AppOmni Harnesses Google Data Center in Australia to Address Regional Demand for Specialised SaaS Security Solutions

• Biometric Authentication in Business: Enhancing Security

• Worried About AI Voice Clone Scams? Create a Family Password

• News alert: Reken raises $10M from Greycroft to protect against generative AI-enabled fraud

Generated on 2024-02-02 23:55:44.725437