IT Security News Daily Summary 2024-02-24

• A Vending Machine Error Revealed Secret Face Recognition Tech

• White House Wades Into Debate on ‘Open’ Versus ‘Closed’ Artificial Intelligence Systems

• USENIX Security ’23 – Dawei Wang, Ying Li, Zhiyu Zhang, Kai Chen – CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for Fuzzing

• Nation-State Cyber Attacks Cause Pharmacy Delays: A Critical Healthcare Concern

• Critical DNS Bug Poses Threat to Internet Stability

• Recent Joomla Update Brings Multiple Security Fixes

• Russian Ministry Software Backdoored with North Korean KONNI Malware

• Russian hacker is set to face trial for the hack of a local power grid

• Cybercriminals Exploit Google Cloud Run in Extensive Banking Trojan Scheme

• PyRIT – A Red Team Tool From Microsoft For Generative AI Systems

• A Look At Threat Intel, Through The Lens Of The r77 Rootkit

• Here’s Why Robust Space Security Framework is Need of the Hour

• PSYOP campaigns targeting Ukraine – Week in security with Tony Anscombe

• A Mysterious Leak Exposed Chinese Hacking Secrets

• AI’s Dark Side: Splunk Report Forecasts Troubled Trends in Privacy and Security

• ConnectWise ScreenConnect Vulnerability: Navigating the Breach Risk

• Begin a career in IT with this cybersecurity training bundle

• Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

• Conti Ransomware Gang’s Russia-Based Music Album Labels and Plastika Recording Studio – An OSINT Analysis

• Outlook Users Beware 0-Day Exploit Released On Hacking Forums

• Why Do We Need Endpoint Security in 2024?

• Resilience to Acquire BreachQuest for an undisclosed price

• Remediation and Hardening Guide for ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)

• 2024-02-09, 02-22 and 02-23 – Data dump: Latrodectus from Contact Forms campaign

• Business Cloud Security: Protecting Cloud Assets

• Nevada AG Asks Court to Ban Meta from Providing End-to-End Encryption to Minors

• Data From Chinese Security Services Company i-Soon Linked to Previous Chinese APT Campaigns

• Generative AI, IAM, culture-based programs will shape cybersecurity in 2024, Gartner says

• Insider Threat Mitigation: Strategies for Businesses

• Announcing the Smart SOAR Documentation Site

• The U.S. Military Is Monitoring Another High Altitude Balloon

• U-Haul Tells 67k Customers Crooks Drove Away With Their Personal Data

• Rotech Says Third Party Hacked Partner Philips Respironics

• Avast Ordered To Stop Selling Browsing Data From Its Browsing Privacy Apps

• 2024 is Here:  Will This Be the Year We Get Passwords Right?

• Updated: Top Cyber Actions for Securing Water Systems

• 230K individuals impacted by a data breach suffered by Telco provider Tangerine

• LockBit extorted billions of dollars from victims, fresh leaks suggest

• IT Security News Daily Summary 2024-02-23

• Hackers Leak 2.5M Private Plane Owners’ Data Linked to LA Intl. Airport Breach

• Microsoft released red teaming tool PyRIT for Generative AI

• EFF Urges Ninth Circuit to Reinstate X’s Legal Challenge to Unconstitutional California Content Moderation Law

• February 2024 Web Server Survey

• Avast Hit With $16.5 Million Fine for Selling Customer Data

• U-Haul tells 67K customers that cyber-crooks drove away with their personal info

• Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

• Get the most out of Microsoft Copilot for Security with good prompt engineering

• Announcing Microsoft’s open automation framework to red team generative AI Systems

• Breaking news: RCMP facing ‘alarming’ cyber attack

• Sintrex Wins 2024 ThousandEyes Integration Partner of the Year EMEA

• Ransom-War Escalation: The New Frontline in Cyber Warfare

• Reducing Burnout and Increasing SOC Retention: How Leaders Can Improve Their Employees’ Lives and Improve Security

• Daniel Stori’s ‘Rest Easy, Sysadmin’

• EFF Opposes California Initiative That Would Cause Mass Censorship

• Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

• Advocating for Inclusion in Tech

• The Future of MATIC and What to Expect in 2024

• USENIX Security ’23 – Hui Peng, Zhihao Yao, Ardalan Amiri Sani, Dave (Jing) Tian, Mathias Payer – GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation

• Secure Your API With These 16 Practices With Apache APISIX (Part 1)

• Using SD-WAN for securing distributed renewable energy

• Spyware leak offers ‘first-of-its-kind’ look inside Chinese government hacking efforts

• AIs Hacking Websites

• Navigating Cybersecurity Challenges with the Essential Eight

• Joomla! patches XSS flaws that could lead to remote code execution

• LockBit identity reveal a bigger letdown than Game of Thrones Season 8

• Operation Cronos: Who Are the LockBit Admins

• $2,063 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Ultimate Member WordPress Plugin

• AT&T Denies Outage Was Due To Cyberattack

• Signal21 Beta Launch Bridges Gap in Blockchain Intelligence Services

• Enabling Compliance and Security in AI-Driven, Low-Code/No-Code Development

• New Facebook Funeral Scam Targets Grieving Families

• Calling, the Cloud, and the New Era of Collaboration

• Analysis: AI-Driven Online Financial Scams Surge

• Cybersecurity Breach Hits Global Software Developer PSI Software SE

• Indian Authorities Probes Data Breach Concerns Involving PMO and EPFO

• Repeat Ransomware attacks on 78% of victims who pay

• What Is an Application Level Gateway? How ALGs Work

• Tips To Help GitHub Admins Prepare A Company For SOC 2 And ISO 27001 Audits

• The Use of Machine Learning in Cybersecurity: Threat Detection and Prevention

• Hackers Exploit ConnectWise Bugs to Deploy LockBit Ransomware

• Intuitive Machines Becomes First Commercial Firm To Land On Moon

• What Is Identity and Access Management (IAM)?

• In Other News: Spyware Vendor Shutdown, Freenom-Meta Settlement, 232 Threat Groups

• Apple Shortcuts Vulnerability Exposes Sensitive Information

• Toward Better Patching — A New Approach with a Dose of AI

• Watch Now: Cloudy With a Chance of Threats: The Active Threat Landscape in the Cloud

• Securing Sensitive Information in Cloud Repositories

• Exploring the Spike in Data Breaches in 2023

• How to Properly Handle Cyber Security Incident Management

• Update now! ConnectWise ScreenConnect vulnerability needs your attention

• Tips on meeting complex cloud security challenges

• ICO Bans Serco Leisure’s Use of Facial Recognition for Employee Attendance

• NSFOCUS Innovative DDoS Protection Technology Secures Your Network Perimeter

• Organizations Unprepared to Face Cloud Security Threats

• Intruders in the Library: Exploring DLL Hijacking

• Deepfake Threat: $2 Deceptive Content Undermines Election Integrity

• Exploring the Nexus Between DevSecOps and Cybersecurity

• Bridging innovation and standards compliance: Red Hat’s drive towards the next-generation of government computing standards

• Delivering a better view of system vulnerabilities with Red Hat Insights

• Cyber Security Today, Feb. 23, 2024 – A cyber warning on the second anniversary of Russia’s invasion of Ukraine, and more LockBit news

• GM Cruise To Resume Robotaxi Tests On Public Roads – Report

• 230k Individuals Impacted by Data Breach at Australian Telco Tangerine

• ‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery

• How to Use Tines’s SOC Automation Capability Matrix

• Microsoft Releases PyRIT – A Red Teaming Tool for Generative AI

• As India Prepares for Elections, Government Silences Critics on X with Executive Order

• ALPHV Ransomware Strikes: LoanDepot and Prudential Financial Targeted

• Checklist: Network and Systems Security

• Avast ordered to pay $16.5 million for misuse of user data

• 78% of Organizations Suffer Repeat Ransomware Attacks After Paying

• Microsoft Releases Red Teaming Tool for Generative AI

• AT&T Says the Outage to Its US Cellphone Network Was Not Caused by a Cyberattack

• CISA And FBI Share Cyber Attack Defenses For Securing Water Systems

• Cyber Mindfulness Corner Company Spotlight: Jamf

• MIWIC24: Plexal Alumni Receive Multiple Nominations From Peers at This Year’s Awards

• Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn

• New Infostealer Malware Attacking Oil and Gas Industry

• Researchers Detail Apple’s Recent Zero-Click Shortcuts Vulnerability

• X protests forced suspension of accounts on orders of India’s government

• New infosec products of the week: February 23, 2024

• The old, not the new: Basic security issues still biggest threat to enterprises

• Cyber Attack news headlines trending on Google

• Top 7 best Practices for Mobile Security in a BYOD Environment

• 2024 will be a volatile year for cybersecurity as ransomware groups evolve

• Secure email gateways struggle to keep pace with sophisticated phishing campaigns

• Business Data Backup and Recovery Planning

• Cybersecurity in the Age of Remote Work

• 92% of companies eyeing investment in AI-powered software

• Leaked documents may show the inside of China’s hacking strategy

• FTC Slams Avast with $16.5 Million Fine for Selling Users’ Browsing Data

• The Real Deal About ZTNA and Zero Trust Access

• Is the Justice Department Even Following Its Own Policy in Cybercrime Prosecution of a Journalist?

• Here Are the Secret Locations of ShotSpotter Gunfire Sensors

• UnitedHealth says Change Healthcare hacked by nation state, as pharmacy outages drag on

• CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week

• Avast shells out $17M to shoo away claims it peddled people’s personal data

• Cybersecurity’s Class Conundrum

Generated on 2024-02-24 23:55:42.833312