IT Security News Daily Summary 2024-02-13

• How AI is strengthening XDR to consolidate tech stacks

• IBM, ISC2 Offer Free Cybersecurity Certificate

• Fat Patch Tuesday, February 2024 Edition

• Don’t Understand RADIUS and TACACS+? Cisco has You Covered

• A ransomware attack took 100 Romanian hospitals down

• JFK Airport Taxi Hackers Sentenced To Prison

• Ivanti Vuln Exploited To Deliver New DSLog Backdoor

• What Is Volt Typhoon And Why Is It The Defining Threat Of Our Generation?

• Azure Account Takeover Campaign Targets Senior Execs

• DNA Testing: What Happens If Your Genetic Data Is Hacked?

• Ransomware gang claims it hit Canadian oil pipeline operator

• Data Matters ? Is Your API Security Data Rich or Data Poor?

• Say Goodbye to Monolithic EdgeWorkers: Introducing Flexible Composition (Part 2)

• Duo Jailed for Hacking JFK Taxi Dispatch System

• VERT Threat Alert: February 2024 Patch Tuesday Analysis

• How to conduct a social engineering penetration test

• CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

• SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes

• Cisco Live EMEA 2024: Highlights from DevNet

• A Hacker’s Mind is Out in Paperback

• Warning: Phishing campaign aimed at senior executives

• Key Findings from CrowdStrike’s 2024 State of Application Security Report

• QNAP vulnerability disclosure ends up an utter shambles

• ALPHV blackmails Canadian pipeline after ‘stealing 190GB of vital info’

• Microsoft Confirms Windows Exploits Bypassing Security Features

• News alert: Kiteworks named as a founding member of NIST’s new AI safety consortium – ‘AISIC’

• Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)

• OpenAI’s Sam Altman Seeks Trillions To Overhaul Chip Industry – Report

• ARM Shares Nearly Double Amid AI Surge

• Proofpoint: ‘Hundreds’ of Azure accounts compromised

• Bank of America customer data compromised after a third-party services provider data breach

• ALPHV blackmails Canadian pipeline and claims it stole 190GB of vital info

• First Microsoft Patch Tuesday zero-day of 2024 disclosed as part of group of 75 vulnerabilities

• Ransomware preparedness kicks off 2024 summit series

• Navigating the Web of Romance Scams: A Guide for Businesses and Consumers

• ‘Incompetent’ FCC Fiddles With Data Breach Rules

• Show your digital devices some love this Valentine’s Day

• Don’t tell your AI anything personal, Google warns in new Gemini privacy notice

• RoboForm Review (2024): Pricing, Features, Pros, & Cons

• Ivanti VPN Flaws Exploited by DSLog Backdoor and Crypto Miners

• Security and AI Innovation: Creating New Opportunities for Partner Growth

• Evolution and Escalation of Cybersecurity Threats

• Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software

• Serious IT incidents in Canadian financial sector almost tripled in 2023

• Southern Water Notifies Customers and Employees of Data Breach

• Integration Security and Safety When Connecting With External Systems

• Meet Laika 13, the AI Chatbot That Acts Like a Social Media Obsessed Adolescent

• Remote Monitoring & Management software used in phishing attacks

• TheTruthSpy stalkerware, still insecure, still leaking data

• French Healthcare Payments Processor Breaches Affect Half of Population

• Use of ‘Hunter-Killer’ Malware on the Rise, Study Finds

• Bank of America Customers at Risk After Data Breach

• Apple, Microsoft Win Exemption From EU Gatekeeper Designation

• CISA Reveals JCDC’s 2024 Cybersecurity Priorities

• Bridging the Digital Divide with Subscriber Edge

• The Rise of RustDoor and ALPHV Ransomware

• Cybercrime in Scotland upsurges like an Epidemic

• Hewlett-Packard Tells Court It Lost $4 Billion From Autonomy Acquisition

• Hybrid Cloud Backup: A Comprehensive Guide To Securing Your Data

• Mitsubishi Electric MELSEC iQ-R Series Safety CPU

• CISA Releases One Industrial Control Systems Advisory

• Fertility tracker Glow fixes bug that exposed users’ personal data

• How AI-Powered Risk Management Supports Cybersecurity

• NIST Establishes AI Safety Consortium

• Experience DISTRIBUTECH 2024 with Cisco

• JFK Airport Taxi Hackers Sentenced to Prison

• Bank of America Customer Data Stolen in Data Breach

• Willis Lease Finance Corp Discloses Cyberattack

• Sumsub Deepfake Detection combats AI-driven identity fraud

• PikaBot Resurfaces with Streamlined Code and Deceptive Tactics

• Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit

• US, UK and India Among the Countries Most At Risk of Election Cyber Interference

• Beyond the Charts -The Human Factor in Cybersecurity and Financial Decisions

• Data residency: What is it and why it is important?

• Seal Security wants to make open-source vulnerability remediation easy

• Security Flaw in CoCalc: One Click and Your Cloud is Ruined

• Patch now! Roundcube mail servers are being actively exploited

• Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

• You Can’t Stop What You Can’t See: Addressing Encrypted Cloud Traffic

• Survey Surfaces Disconnect Between Cybersecurity Confidence and Reality

• FTC Issues Alert: Americans’ Fraud Losses Soar to $10 Billion in 2023

• Notorious Bumblebee Malware Re-emerges with New Attack Methods

• Reshaping the Focus of Cybersecurity

• MGM & Caesars Cyberattacks: Lessons Learned

• Stalkerware App “TheTruthSpy” Hacked Again, 50,000 Device Data Stolen

• Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor

• Microsoft Copilot: A Visual Revolution in AI Image Editing

• Openreach Confirms Faster Fibre Speeds From 1 April

• DarkGate Malware opens RaaS For Financially Motivated Hackers

• Get to Know Check Point Harmony SASE

• The We Are Cisco Singers: The Power of Authenticity and Connection

• Seeing is Believing… and Securing

• ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities

• Fileless Revenge RAT Abuses Legitimate Tools to Hide Malicious Activity

• Designing for Security

• How to Onboard and Protect Remote Teams With Secure Cloud Environments

• Ransomfeed – Third Quarter Report 2023 is out!

• Molly White Reviews Blockchain Book

• 1-15 December 2023 Cyber Attacks Timeline

• Warzone RAT infrastructure seized

• Global malicious activity targeting elections is skyrocketing

• Sigma Software Studio unifies and streamlines software development processes

• Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know

• New Vulnerability in QNAP QTS Firmware: CVE-2023-50358

• Security Considerations in Kubernetes

• Securing Your AWS RDS Instances: Best Practices and Examples

• CISA Warns of Roundcube Webmail Vulnerability Exploitation

• Ransomware Attack Knocks 100 Romanian Hospitals Offline

• Detecting Volt Typhoon TTPs – Security Spotlight

• Nucleus Security raises $43 million to redefine how businesses manage their attack surface

• Silicon UK In Focus Podcast: The Mobile Society

• Global Authorities Examine 58 Cyberattacks Linked to North Korea, Valued at $3 Billion

• Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)

• Biden Administration Joins TikTok, Despite Security Concerns

• New Azure Hacking Campaign Steals Senior Executive Accounts

• Global Malicious Activity Targeting Elections is Skyrocketing

• UK Businesses Lose £31bn to Security Breaches in a Year

• 3 Tips for Enterprise Patch Management

• How Your Mobile Apps Leak Sensitive Data?

• Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)

• Stealthy “Hunter-Killer” Malware Detections Surge 333% Annually

• Meta says risk of account theft after phone number recycling isn’t its problem to solve

• Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures

• Top Ransomware news headlines trending on Google

• Turk Hack Team Attacked the World’s Largest Cooperative Finance

• Bypassing EDRs With EDR-Preloading

• Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

• The future of cybersecurity: Anticipating changes with data analytics and automation

• Infosys subsidiary named as source of Bank of America data leak

• Protecting against AI-enhanced email threats

• Protesters gather outside OpenAI office, opposing military AI and AGI

• 2023 Cybersecurity Regulation Recap (Part 4): Tech Development & Governance

• Product showcase: SearchInform Risk Monitor – next-gen DLP based insider threat mitigation platform

• How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

• Alert: CISA Warns of Active ‘Roundcube’ Email Attacks – Patch Now

• QR code attacks target organizations in ways they least expect

• Warning: Hackers Exploit 3 Well-known Flaws in Microsoft Word & Excel

• Korean eggheads crack Rhysida ransomware and release free decryptor tool

• What is a Data Leak? Causes, Examples, and Prevention

• Montreal duo launch free cybersecurity training platform

• Researchers released a free decryption tool for the Rhysida Ransomware

• VulnRecap 2/12/24: Ivanti, JetBrains, Fortinet, Linux Issues

• IT Security News Daily Summary 2024-02-12

• US Takes Down Notorious Warzone RAT Malware Operation, Arrests 2

• Hackers uncover new TheTruthSpy stalkerware victims: Is your Android device compromised?

• 5 reasons why I use Firefox when I need the most secure web browser

• CISA warns Fortinet zero-day vulnerability under attack

• Facebook Reportedly Considering Censoring The Word “Zionist”

• Breaking Bitlocker

• Cybersecurity and the Law: Taking Proactive Steps Before Needing Legal Action

• Single Sign-On with Fortra IdP

• Benefits and challenges of managed cloud security services

• LogonBox VPN 2.4.6 – Now Available

• Tune In: Simplifying Network Automation with NetGru

• Managing IoT Edge Devices at Scale: Device Lifecycle and Configuration Management

• 2023’s Critical WordPress Vulnerabilities and How They Work

• ExpressVPN Bug Leaked DNS Requests for Windows Users

• New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

• 2023 Wordfence Critical Vulnerability Research in Review

• Russian Court Orders Arrest Of Meta Spokesman

• Secure a reliable cyber security education for $46

• A Backroom Deal Looms Over Section 702 Surveillance Fight

• CISA adds Roundcube Webmail Persistent XSS bug to its Known Exploited Vulnerabilities catalog

• Do Any HTTP Clients Not Support SNI?

• Voting Against the Surveillance State | EFFector 36.2

• Ransomware review: February 2024

• FCC gets tough: Telcos must now tell you when your personal info is stolen

• Dutch insurers demand nudes from breast cancer patients despite ban

• Vulnerability Summary for the Week of February 5, 2024

• FCC gets tough: Telcos must now tell you when your PII is stolen

• Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)

• Ransomware Attack Disrupts Services in 18 Romanian Hospitals

• Starlink Not Used By Russian Troops, Says Moscow

• Revolutionizing Fan Engagement: Cisco’s High-Density WiFi Transforms Stadium Experiences

• crisis management plan (CMP)

• CISA Adds One Known Exploited Vulnerability to Catalog

• Cisco Co-Selling Made Simple: Activate

• On Passkey Usability

• If only you had to worry about malware, with Jason Haddix: Lock and Code S05E04

• Jet engine dealer to major airlines discloses ‘unauthorized activity’

• US Authorities Shut Down Sites Selling the WarZone RAT

• D3 Security Integrates Smart SOAR Platform with CrowdStrike to Accelerate Threat Response

• Persistent Data Retention: Google and Gemini Concerns

• Sophisticated Cyber-Attack Hits Islamic Charity in Saudi Arabia

• French Prosecutors Raid Huawei Office

• Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel

• China Targets US Hacking Ops in Media Offensive

• Jeff Bezos Offloads $2 Billion Worth Of Amazon Shares

• 3 Well-known Microsoft Word & Excel Flaws Abused by hackers Widely

• I tested iOS 17.3.1: What’s inside, who needs it, and how it affected my iPhone

• U.S. Authorities Shut Down Sites Selling the WarZone RAT

• Privacy Watchdog Issues Warning

• Spear Phishing attacks on Microsoft365 and Azure Accounts

• Huge Surge in Hackers Exploiting QR code for Phishing Attacks

• A Valentine’s warning about heartbreak hackers

• Applying Zero-Trust to Voice Networks and the 5G Core

• Microsoft’s Super Bowl Pitch: We Are Now an AI Firm

• What Is The Virtual Chief Information Security Officer?

• US Dismantled Sophisticated Warzone RAT, Key Operators Arrested

• Build a Digital Collectibles Portal Using Flow and Cadence (Part 1)

• Google Cloud’s Nick Godfrey Talks Security, Budget and AI for CISOs

• AI-generated voices in robocalls are illegal, rules FCC

• OneTrust platform enhancements accelerate AI adoption

• Diving Into Glupteba’s UEFI Bootkit

• QR Code Scam: Fake Voicemails Target Users, 1000 Attacks in 14 Days

• Extending the Breadth and Depth of our Partnerships – JCDC 2024 Priorities

• Priorities of the Joint Cyber Defense Collaborative for 2024

• Canada Gov plans to ban the Flipper Zero to curb car thefts

• Stealthy Cyberespionage Campaign Remained Undiscovered for Two Years

• ExpressVPN User Data Exposed Due to Bug

• The Service Accounts Conundrum: What They Are and How to Secure Them

• CIS ESS Mobile offers visibility into blind spots on mobile devices

• Satellite Images Point to Indiscriminate Israeli Attacks on Gaza’s Health Care Facilities

• Action1 Extends Automated Patching Capability to Groups of Endpoints

• Bugcrowd raises $102 million to boost AI-powered crowdsourced security platform

• Rhysida Ransomware Cracked, Free Decryption Tool Released

• Malicious Campaign Impacts Hundreds of Microsoft Azure Accounts

• Are People Problems Blocking Your Secure Cloud Migration?

• The Hidden Injustice of Cyberattacks

• Cyber Security Today, Feb. 12, 2024 – US seizes a website selling the Warzone malware

• Cisco To Cut ‘Thousands Of Jobs’ – Report

• Bug bounty leader Bugcrowd reaches $1 billion valuation with latest funding

• Top 6 Endpoint Detection & Response (EDR) Solutions in 2024

• Introducing Cisco Breach Protection Premier

• Europe’s largest caravan club admits wide array of personal data potentially accessed

• RustDoor Malware Deceives macOS Users with Visual Studio Update Scam

• Visa extends its digital wallet capabilities to minimize the risk of fraud

• Bugcrowd Raises $102 Million

• Why Real-Time Behavior Analytics is Critical

• Elon Musk Ordered To Testify In SEC Twitter Takeover Probe

• VPN Log vs. Zero-Log Policy: A Comprehensive Analysis

• Decryptor for Rhysida ransomware is available!

• 2054, Part VI: Standoff at Arlington

• ExpressVPN leaked DNS requests due to a bug in the split tunneling feature

• Warzone RAT Shut Down by Law Enforcement, Two Arrested

• Exploitation of Another Ivanti VPN Vulnerability Observed

• CISA and OpenSSF Release Framework for Package Repository Security

• 4 Ways Hackers use Social Engineering to Bypass MFA

• US Offers $10m Reward for Hive Ransomware Leaders

• Bugcrowd snaps up $102M for a ‘bug bounty’ security platform that taps 500K+ hackers

• Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?

• ExpressVPN Flaw Exposes Some the DNS Requests to Third-Party Server

• US Dismantles Warzone RAT Malware Operation

• This botched migration shows why you need to deal with legacy tech

• 5 Key Findings from the Business Email Compromise (BEC) Trends Report

• Leveraging AI LLMs to Counter Social Engineering: A Psychological Hack-Back Strategy

• Is Generative AI about to scam us all?

• US Feds arrested two men involved in the Warzone RAT operation

• 9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

• A week in security (February 5 – February 11)

• US Consumers Lose a Record $10bn+ to Fraud Last Year

• Mon Dieu! Nearly half the French population have data nabbed in massive breach

• Hackers Leak Alleged Partial Facebook Marketplace Database

• Uncovering the Deceptive Tactics of Chinese Websites Mimic as Local News

• New Android MoqHao Malware Executes Automatically on Installation

• Integrating cybersecurity into vehicle design and manufacturing

• Microsoft Introduces Linux-Like ‘sudo’ Command to Windows 11

• RustDoor malware targets macOS users by posing as a Visual Studio Update

• Google to block mass emails to its Gmail users from April 2024

• Essential Knowledge for Aspiring Cybersecurity Analysts: A Comprehensive Guide

• Jason Haddix on Bug Bounties and Cybersecurity Career Growth

• Ransomware tactics evolve, become scrappier

• Hacking the flow: The consequences of compromised water systems

• U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders

• SiCat: Open-source exploit finder

• 2024 cybersecurity outlook: A wave of global threats on the horizon

• Should I get CISM Certified?

• Should I get CISSP Certified?

• A personal experience of CISSP boot camp

Generated on 2024-02-13 23:55:55.199607