IT Security News Daily Summary 2024-04-25

• Ring dinged for $5.6M after, among other claims, rogue insider spied on ‘pretty girls’

• AeroNet Wireless Launches 10Gbps Internet Plan: A Landmark Moment in Puerto Rico’s Telecommunications Industry

• Rubrik’s shares end trading up almost 16% on the company’s public debut

• Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers

• CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog

• What makes Starmus unique? – A Q&A with award-winning filmmaker Todd Miller

• Health insurance giant Kaiser notifies millions of a data breach

• Oracle Plans To Relocate HQ To Nashville

• USENIX Security ’23 – LibScan: Towards More Precise Third-Party Library Identification for Android Applications

• These SMBs are hot threat targets but they’re shrugging off security help

• AI Adoption Prompts Security Advisory from NSA

• N.A. Developers Optimistic About Generative AI and Code Security

• Net neutrality has been restored

• The Role of Threat Intelligence in Financial Data Protection

• The private sector probably isn’t coming to save the NVD

• disaster recovery (DR)

• North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

• Cyber Hygiene Helps Organizations Mitigate Ransomware-Related Vulnerabilities

• Rubrik’s shares climb 20% in its public debut

• Two cuffed in Samourai Wallet crypto dirty money sting

• Meta Declines On Heavy AI Spending Plans, Despite Strong Q1

• Analyze Malicious Powershell Scripts by Running Malware in ANY.RUN Sandbox

• Women in Cybersecurity: ISC2 Survey Shows Pay Gap and Benefits of Inclusive Teams

• Is Your VPN Safe? Or Can It be Hacked?

• Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)

• Facebook end to end encryption a Boon or a Bane

• Google Delays Removal Of Third-Party Cookies, Again

• “Junk gun” ransomware: the cheap new threat to small businesses

• A Five-Phase Strategy for Embracing Industry 4.0 with Cisco

• The CISO’s Top Priority: Elevating Data-Centric Security

• Predictive Security Startup BforeAI Raises $15 Million

• It’s All About Data: How to Drive Secure Use of AI

• ToddyCat APT Is Siphoning Data on ‘Industrial Scale’

• Discord Users’ Privacy at Risk as Billions of Messages Sold Online

• The P25 Steering Committee, the Compliance Assessment Process and Procedures Task Group (CAPPTG), and the Joint SAFECOM-NCSWIC P25 User Needs Working Group (UNWG) release Project 25 Link Layer Encryption Informational Session

• The best VPN routers of 2024

• CISA Releases Eight Industrial Control Systems Advisories

• Hitachi Energy MACH SCM

• Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC

• Multiple Vulnerabilities in Hitachi Energy RTU500 Series

• Siemens RUGGEDCOM APE1808 Devices Configured with Palo Alto Networks Virtual NGFW

• Salt Security Enhances API Security Platform with OAuth Protection Package

• Ransomware Roundup – KageNoHitobito and DoNex

• How HTTP/2 Persistent Connections Help Improve Performance and User Experience

• Phishing Campaigns Targeting USPS See as Much Web Traffic as the USPS Itself

• Tesla Posts Biggest Revenue Drop Since 2012

• Navigating the Evolving Threat Landscape: Addressing 2024 CISO and Security Team Goals with MixMode

• Check Point Awarded AI Security Innovator of the Year at GISEC

• 3 ways AI is transforming cloud security, according to experts

• CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

• Russia, Iran Pose Most Aggressive Threat To 2024 Election

• Palo Alto Networks Shares Remediation Advice

• FTC Sending $5.6 Million To Ring Customers Over Security Failures

• Nation-State Hackers Exploit Cisco Firewall Zero Days To Backdoor Government Networks

• Ring agrees to pay $5.6 million after cameras were used to spy on customers

• Autodesk Drive Abused in Phishing Attacks

• Palo Alto Networks Shares Remediation Advice for Hacked Firewalls

• US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet

• NDR in the Modern Cybersecurity Landscape

• NIST’s role in the global tech race against AI

• How to turn on Private DNS Mode on Android (and why you should)

• Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers

• Cyberattack Fallout: UnitedHealth Reveals Personal Data Breach Impact

• Unveiling Vulnerabilities in Microsoft PlayReady DRM: Impact on Streaming Platforms

• Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs

• Google Patches Critical Chrome Vulnerability and Additional Flaws

• Beware! Zero-click RCE Exploit for iMessage Circulating on Hacker Forums

• DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions

• Interview: Cydea’s Risk Management Platform, Understanding Not Eliminating Risk

• Female Tech Duo take Flight to Dubai to Launch the future of Cyber Leadership

• State-Sponsored Espionage Campaign Exploits Cisco Vulnerabilities

• The Importance of Data Hygiene with OpenText

• Mastering VirusTotal: Certification Course

• New DragonForce Ransomware Emerged From The Leaked LOCKBIT Builder

• Ex-NSA hacker and ex-Apple researcher launch startup to protect Apple devices

• The Student-Centric Experience: Technologies

• Data Breach Search Engines

• IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio

• Edgio Client-Side Protection enables organizations to secure critical customer data

• Endpoint Security Firm ThreatLocker Raises $115 Million in Series D Funding

• Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking

• FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures

• WhyLabs AI Control Center offers teams real-time control over their AI applications

• Dropzone AI raises $16.85 million to combat advanced AI attacks

• Talos IR trends: BEC attacks surge, while weaknesses in MFA persist

• Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit

• India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users

• Coalition Finds More Than Half of Cyber Insurance Claims Originate in the Email Inbox

• AI-driven cyber attacks to be the norm within a year, say security leaders

• How a YouTube Content Filter Can Give Your District More Control

• ESET integrates with Arctic Wolf to provide greater security visibility

• Network Threats: A Step-by-Step Attack Demonstration

• Apple iPhone Q1 Sales In China Fall 19 Percent, Says Counterpoint

• JudgeO Online Code Editor Flaw Let Attackers Execute Code as Root User

• The Rise of Large-Language-Model Optimization

• Sublime Security secures $20 million to strengthen cloud email security and visibility

• DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions

• DragonForce Ransomware Group Uses LockBit’s Leaked Builder

• Attackers Leverage Black Hat SEO Techniques to Distribute Info-Stealer Malware

• IBM Acquiring HashiCorp for $6.4 Billion

• 56% of cyber insurance claims originate in the email inbox

• 11% of Cybersecurity Teams Have Zero Women

• Cyber Security Headlines: Chinese keyboard flaws, hacked news story, TikTok on the clock

• Should CISOs Be More Empathetic Towards Salespeople?

• Dropbox announces a number of security and data protection features

• Anatomy IT’s new Security Suite targets healthcare cybersecurity threats, improves incident response

• President Biden Signs TikTok Ban Or Divest Bill Into Law

• Vulnerabilities in Microsoft’s PlayReady DRM Could Enable Illegal Movie Downloads From Streaming Services

• Ring Customers Get $5.6 Million in Privacy Breach Settlement

• What to do in the age of the critical breach

• Appdome upgrades MOBILEBot Defense for tailored WAF integration

• AuditBoard AI automates important tasks for security teams

• Online Banking Security Still Not Up to Par, Says Which?

• Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections

• Get a Lifetime Subscription of FastestVPN for just $40

• Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Attack Detections

• Google fixed critical Chrome vulnerability CVE-2024-4058

• A System Administrator’s Challenges in Patch Management

• MITRE Breached – Hackers Chained 2 Ivanti Zero-days to Compromise VPN

• Patch Now! CrushFTP Zero-day Lets Attackers Download System Files

• Report: Security Leaders Braced for Daily AI-Driven Attacks by Year-End

• ArcaneDoor Hackers Exploit Cisco Zero-Days to Breach Government Networks

• Nagomi Security raises $30 million to help security teams improve their level of protection

• Fireblocks expands DeFi suite with threat detection features

• BEC and Fund Transfer Fraud Top Insurance Claims

• Alert! Cisco Releases Critical Security Updates to Fix 2 ASA Firewall 0-Days

• Feds Accuse Founders of Cryptocurrency Mixer of ‘Large-Scale Money Laundering’

• BforeAI raises $15 million to prevent attacks before they occur

• Pakistani APT Hackers Attacking Indian Govt Entities With Weaponized Shortcut Files

• Maping NIS2 requirements to the ISO 27001:2022 framework

• “You Can’t Protect What You Can’t See” Still Rings True. Why Observability Now.

• ITDR vs ISPM: Which Identity-first Product Should You Explore?

• New Microsoft Incident Response guide helps simplify cyberthreat investigations

• 5 ways a CNAPP can strengthen your multicloud security environment

• High Performance Podcast Duo to Unveil Secrets of Success at Infosecurity Europe 2024

• Unplugging PlugX: Sinkholing the PlugX USB worm botnet

• Indian bank’s IT is so shabby it’s been banned from opening new accounts

• State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

• Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

• Authorities Warned that Hackers Are Exploiting Flaws in CISCO ASA VPNs

• Maximum Severity Flowmon Bug has a Public Exploit, Patch Now

• Hackers Exploit Cisco Firewall Zero-Days to Hack Government Networks

• CISA Warns of Cisco and CrushFTP Vulnerabilities Being Actively Exploited

• Ransomware Attacks Shake Automotive and Beverage Industries

• Google Meet opens client-side encrypted calls to non Google users

• Applying DevSecOps principles to machine learning workloads

• Chinese, Russian Espionage Campaigns Increasingly Targeting Edge Devices

• Sifting through the spines: identifying (potential) Cactus ransomware victims

• 25 cybersecurity AI stats you should know

• Overcoming GenAI challenges in healthcare cybersecurity

• What is Penetration Testing: A comprehensive business guide

• 73% of SME security pros missed or ignored critical alerts

• Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI

• ISC Stormcast For Thursday, April 25th, 2024 https://isc.sans.edu/podcastdetail/8954, (Thu, Apr 25th)

• Facebook Has Repeatedly “Interfered” With US Elections Since 2008

• Australia’s spies and cops want ‘accountable encryption’ – aka access to backdoors

• Australia’s spies and cops want ‘accountable encryption’ – aka backdoors

• Does it matter if iptables isn’t running on my honeypot?, (Thu, Apr 25th)

• Transforming Tech: Why Leadership Must Start with Our Girls in STEM

• Governments issue alerts after ‘sophisticated’ state-backed actor found exploiting flaws in Cisco security boxes

• Critical CrushFTP zero-day vulnerability under attack

• Cradlepoint Adds SASE Platform for 5G Wireless Networks

• The vision behind Starmus – A Q&A with the festival’s co-founder Garik Israelian

• How technology drives progress – A Q&A with Nobel laureate Michel Mayor

• IT Security News Daily Summary 2024-04-24

• IBM Cyber Security Report 2024 – New

• Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

• IBM Cyber Security Report: Unveiling the Evolving Threat Landscape

• Driving fast or braking hard? Your connected car may be telling your insurance company

• Retail Tech Deep-Dive: Meraki Switching

• Shouldn’t Teams, Zoom, Slack all interoperate securely for the Feds? Wyden is asking

• USENIX Security ’23 – Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB)

• 7 Top Threat Intelligence Platforms & Software in 2024

• CoralRaider Group Delivers Three Infostealers via CDN Cache

• Security bugs in popular phone-tracking app iSharing exposed users’ precise locations

• Helping the health of our planet, one bottle at a time

• Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

• HelloKitty Ransomware Renames to ‘HelloGookie,’ Unveils CD Projekt and Cisco Data

• Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

• UnitedHealth Group Pays Ransom After Cyberattack: What You Need to Know

• CISA Adds Three Known Exploited Vulnerabilities to Catalog

• Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms

• UK CMA Seeks Feedback On Microsoft, Amazon AI Partnerships

• Coalition: Insurance claims for Cisco ASA users spiked in 2023

• Security Bugs in a Popular Phone-Tracking App Exposed Users’ Precise Locations

• Microsoft cannot keep its own security in order, so what hope for its add-ons customers?

• Google Fires More Staff Over Israel Protest

• Prompt Hacking, Private GPTs, Zero-Day Exploits and Deepfakes: Report Reveals the Impact of AI on Cyber Security Landscape

• ‘ArcaneDoor’ Cyberspies Hacked Cisco Firewalls to Access Government Networks

• Google Ad for Facebook Redirects to Scam

• KnowBe4 Plans to Acquire Egress for Email Security Tech

• USENIX Security ’23 – Snapping Snap Sync: Practical Attacks on Go Ethereum Synchronising Nodes

• DirectDefense Report Sees Shifts in Cyberattack Patterns

• Here’s How to Remove Unnecessary Files from Your Android Phone’s Web Browser

• Where Hackers Find Your Weak Spots: A Closer Look

• ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices

• Ransomware testing being done on developing countries

• Google yet again delays killing third-party cookies in Chrome. Here’s what you need to know

• GitHub vulnerability leaks sensitive security reports

• Iran Dupes US Military Contractors, Gov’t Agencies in Cyber Campaign

• Australian PM Hits Out At Elon Musk Over Knife Attack Video

• Celebrating a New Era in Partnering: NTT DATA and Cisco

• Expert Insight: ‘Minding the Gap’: How can we work to make cyber accessible for women?

• North Korean Hackers Hijack Antivirus Updates for Malware Delivery

• Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

• Malware Author Lures Child Abusers Into Honeytrap to Extort Them

• Stock Market Scam in Bengaluru: Businessman Loses Rs 5.2 Crore

• Dark Web Nightmare: Scots NHS Patient Data Breach Exposes Medical Files

• US SEC Seeks $5.3 Billion Fine From Terra’s Do Kwon

• Phishing Attacks Rise By 58% As The Attackers Leverage AI Tools

• Management company settles for $18.4M after nuclear weapons plant staff fudged their timesheets

• Traditional MFA isn’t enough, phishing-resistant MFA is key

• Google cools on cookie phase-out while regulators chew on plans

• The Next Chapter of Behavioral Threat Assessment for Ontic and SIGMA

• 1Kosmos CSP enables government agencies to digitally verify resident identity

• CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File

• Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely

• Hackers hijacked the eScan Antivirus update mechanism in malware campaign

• Tines Bags $50 Million Funding for Security Workflow Automation

• Cyberint platform enhancements boost protection against external threats

• US Congress Passes Bill to Ban TikTok

• Researchers develop malicious AI ‘worm’ targeting generative AI systems

• US charges Iranians with cyber snooping on government, companies

• 5 Best VPN Services (2024): For Routers, PC, iPhone, Android, and More

• Security bugs in a popular phone-tracking app exposed users’ precise locations

• Report: Attacker Dwell Time Down, Ransomware up in 2023

• Major Security Flaws Expose Keystrokes of Over One Billion Chinese Keyboard App Users

• Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

• U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

• US Sanctions Iranian “Fronts” for Cyber-Attacks on American Entities

• Multiple Vulnerabilities Found In Forminator WordPress Plugin

• Spyroid RAT Attacking Android Users to Steal Confidential Data

• Check Point Named Strategic Leader in AV-Comparatives EPR Report

• Hackers Publish Fake Story About Ukrainians Attempting To Assassinate Slovak President

• Threat Actor Uses Multiple Infostealers in Global Campaign

• CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation

• Nagomi Security Emerges From Stealth With $30 Million in Funding

• Amplifier Security Emerges From Stealth With AI Copilot, Human-in-the-Loop Automation

• Google Patches Critical Chrome Vulnerability

• Nigeria, Romania, Russia, U.S. Among Top Cybercrime Nations

• Zero Networks unveils identity segmentation solution to prevent credential theft

• Capture the CISO S2E2: HYAS, Nudge Security, and SlashNext

• Dexalot Announces Launch of Its Central Limit Order Book DEX on Arbitrum

• KnowBe4 acquires UK’s Egress to create advanced AI-driven platform to manage human risk

• Report: Fifth of UK Companies Admit Staff Leaked Data via GenAI

• Cybersecurity Trends and Predictions for 2024

• Tines taps $50M to expand its workflow automation beyond security teams

• US Gov Slaps Visa Restrictions on Spyware Honchos

• TikTok comes one step closer to a US ban

• Russian APT28 Exploiting Windows Vulnerability with GooseEgg Tool

• Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

• PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)

• Leeds Talent Pool Attracts BlueVoyant’s First UK Security Operations Center

• Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

• Dan Solove on Privacy Regulation

• Veeam Acquires Coveware to Boost its Ransomware Protection Capabilities

• Prophet Security Emerges From Stealth Mode With $11 Million in Funding

• New Password Cracking Analysis Targets Bcrypt

• SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

• Comcast Business MDR limits the impact of cyber threats

• Global attacker median dwell time continues to fall

• Microsoft Launches Smallest AI Model, Phi-3-mini

• Popular Keyboard Apps Leak User Data: Billion Potentially Exposed

• FTC Commercial Surveillance Rules Could Arrive Within Months, Sources Say

• North Korean Hackers Targeted Dozens of South Korean Defense Companies

• New Relic AI monitoring helps enterprises use AI with confidence

• Security Leaders Braced for Daily AI-Driven Attacks by Year-End

• ShotSpotter Keeps Listening for Gunfire After Contracts Expire

• US Treasury Sanctions Iranians Linked to Government Cyberattacks

• GISEC Global 2024 video walkthrough

• Secureworks enables users to view known vulnerabilities in the context of threat data

• Cyber Security Headlines: Iranian hackers charged, Siemens fixing Palo bug, Russia hacks water plant

• US Senate Passes TikTok Ban Or Divestment Bill

• Autodesk hosting PDF files used in Microsoft phishing attacks

• Assessing the Y, and How, of the XZ Utils incident

• Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug

• The 5 Best Practices for PCI DSS Compliance

• Binarly releases Transparency Platform v2.0 to improve software supply chain security

• CISO Perspectives on Complying with Cybersecurity Regulations

• Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

• Cyber Security Headlines: RedLine GitHub connection, MITRE Ivanti breach, E-ZPass spoof sites

• Cyber Security Headlines: TikTok ban update, Sandworm hits Ukraine, North Korean streaming animators

• We’ll Invest in Resilience as Soon as the Ransom Payment Clears

• Cyber Security Today, April 22, 2024 – Vulnerability found in CrushFTP file transfer software, security updates for Cisco’s controller management application, and more

• Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

• Google’s Core Update is ‘Biggest’ Algorithm Update in History

• Swedish Signals Intelligence Agency to Take Over National Cybersecurity Center

• People Doubt Their Own Ability to Spot AI-Generated Deepfakes

• 5 Ways to Step Up Your AD Hygiene with Silverfort

• Prophet Security emerges from stealth and raises $11 million

• Photos: GISEC Global 2024

• Fifth of CISOs Admit Staff Leaked Data Via GenAI

• Ransomware Victims Who Opt To Pay Ransom Hits Record Low

• January 2024 Cyber Attacks Statistics

• Pentagon Launches DIB Vulnerability Disclosure Program

• Understanding and Responding to Distributed Denial-of-Service Attacks

• IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp

• Back to Security Basics

• North Korean Hackers Target Dozens of Defense Companies

• Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan

• “All for One and One for All”: The EU Cyber Solidarity Act Strengthens Digital Defenses

• UK IT Leaders Are Prioritizing Cybersecurity: But Is This a Good Thing?

• Implementing ISO 27001:2022 Annex A.17 – Information Security Aspects of Business Continuity Management

• eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

• Overcoming security alert fatigue

• Rewards Up to $10 Million for Information on Iranian Hackers

• If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers?

• The street lights in Leicester City cannot be turned off due to a cyber attack

• US offers a $10 million reward for information on four Iranian nationals

• Study: GPT-4 Agent can Exploit Unpatched Vulnerabilities

• T2 – 94,584 breached accounts

• Change healthcare faces data leak threat despite paying $22 million as ransom

• Strategies for Building Resilient Cloud Security in Small and Medium Enterprises (SMEs)

• CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers

• $10 Million Bounty on Iranian Hackers for Cyberattacks on US Gov, Defense Contractors

• GenAI can enhance security awareness training

• Four ways to make yourself a harder target for cybercriminals

• Cybersecurity jobs available right now: April 24, 2024

• AI set to play key role in future phishing attacks

• The relationship between cybersecurity and work tech innovation

• eBook: Cloud security skills

• ISC Stormcast For Wednesday, April 24th, 2024 https://isc.sans.edu/podcastdetail/8952, (Wed, Apr 24th)

• API Rug Pull – The NIST NVD Database and API (Part 4 of 3), (Wed, Apr 24th)

Generated on 2024-04-25 23:55:11.709009