IT Security News Daily Summary 2024-05-11

• Ohio Lottery data breach impacted over 538,000 individuals

• Ascension Cyber Attack Heightens Focus on Healthcare Cybersecurity Measures

• Microsoft Introduces Innovative AI Model for Intelligence Analysis

• Critical infrastructure security will stay poor unless everyone pulls together

• USENIX Security ’23 – Don’t be Dense: Efficient Keyword PIR for Sparse Databases – Distinguished Paper Award Winner

• New Cuckoo Malware Targeting macOS Users to Steal Sensitive Data

• The Mask: A Resilient Espionage Group Returns After a Decade

• Notorius threat actor IntelBroker claims the hack of the Europol

• RSA Conference 2024: AI hype overload

• It’s a wrap! RSA Conference 2024 highlights – Week in security with Tony Anscombe

• In it to win it! WeLiveSecurity shortlisted for European Security Blogger Awards

• How to talk about climate change – and what motivates people to action: An interview with Katharine Hayhoe

• Unpatchable VPN Vulnerability Exposes Data to Attackers: What You Need to Know

• Latvian TV Channels Hacked to Broadcast Russian Victory Day Parade

• Spike in Layoffs Pose Serious Cybersecurity Concerns

• Thousands Of Women Sent Naked Photos To Facebook “Lactation Consultant” Scammer

• Microsoft Deploys Generative AI for US Spies

• A cyberattack hit the US healthcare giant Ascension

• Health Care Network in Crisis: Cyberattack Shuts Down Operations Across US

• PoC Released for Critical PuTTY Private Key Recovery Vulnerability

• GFTrace- A Command Line Windows API Tracing Tool For Golang Binaries

• Attack Makes Autonomous Vehicle Tech Ignore Road Signs

• How to Get PCI Compliance Certification? Steps to Obtain it

• FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT

• ‘The Mask’ Espionage Group Resurfaces After 10-Year Hiatus

• HackCar – Attack AND Defense Playground For Automotive System

• Scammers found planting online betting ads on Indian government websites

• Cisco reimagines cybersecurity at RSAC 2024 with AI and kernel-level visibility

• Europol Hacked? IntelBroker Claims Major Law Enforcement Breach

• 2024-05-09: GootLoader activity

• Ascension Healthcare Cyberattack: Disruptions and Emergency Service Diversions

• Cloud Monitor Scans For Risky Video Files in Google Drive/OneDrive

• Cyber Towns – and Interview with Francois Guay: Cyber Security Today Weekend for May 11, 2024

• IT Security News Daily Summary 2024-05-10

• The FBI is Playing Politics with Your Privacy

• New LLMjacking Attack Lets Hackers Hijack AI Models for Profit

• Nmap 7.95 Released: Enhanced Network Scanning with More OS and Service Detection Power

• Iran most likely to launch destructive cyber-attack against US – ex-Air Force intel analyst

• Analysis of CVE-2024-4671: A Critical Zero-Day in Google Chrome

• CISA and Partners Release Advisory on Black Basta Ransomware

• #StopRansomware: Black Basta

• Healthcare Software Company Gains Comprehensive Visibility with LogRhythm Axon

• Emerald Divide Uses GenAI to Exploit Social, Political Divisions in Israel Using Disinformation

• Cybercriminals hit jackpot as 500k+ Ohio Lottery lovers lose out on their personal data

• Dell Data Breach Could Affect 49 Million Customers

• Why Active Directory Is A Big Deal?

• Malware Lurking in Minecraft Source Packs

• Update your Chrome browser ASAP. Google has confirmed a zero-day exploited in the wild

• ‘TunnelVision’ Attack Leaves Nearly All VPNs Vulnerable to Spying

• Dell Hell: 49 Million Customers’ Information Leaked

• Apple updates its Platform Security Guide

• Threat actor says he scraped 49M Dell customer addresses before the company found out

• The 2023 USG Data Breach: 800 Accounts Compromised, A Closer Look

• Dell admits data breach of over 49 million customers via Cyber Attack

• Adaptive Shield Launches SaaS Security for AI at RSA Conference 2024 to Mitigate GenAI Revolution Risks

• New Attack Against Self-Driving Car AI

• The Top 7 IAM Tools in 2024

• Google Staff Question Layoffs After Record Earnings

• Patch Tuesday

• US officials optimistic on AI but warn of risks, abuse

• Leaked FBI Email Stresses Need For Warrantless Surveillance Of Americans

• FBI Working Towards Nabbing Scattered Spider Hackers, Official Says

• Ex-White House Election Threat Hunter Weighs In On What To Expect In November

• MoD Contractor Hacked By China Failed To Report Breach For Months

• 500,000 Impacted By Ohio Lottery Ransomware Attack

• USENIX Security ’23 – URET: Universal Robustness Evaluation Toolkit (for Evasion)

• Akamai Expands into API Security with $450 Million Noname Deal

• US Authorities Charge LockBit Ransomware Ringleader

• North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms

• Microsoft’s Brad Smith summoned by Homeland Security committee over ‘cascade’ of infosec failures

• Telus Acquires Cybersecurity Services Firm Vumetric

• UK’s AI Safety Institute Unveils Platform to Accelerate Safe AI Development

• New LLMjacking Attack Uses Stolen Cloud Credentials to Target Cloud-Hosted AI Models

• Dell notifies customers about data breach

• Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service

• DocGo Confirms Cyberattack: Patient Health Data Breach

• Defending Against Hackers in the Public Sector Is a Different Beast

• GhostStripe attack haunts self-driving cars by making them ignore road signs

• Android Remote Access Trojan Equipped to Harvest Credentials

• Update: Thwarted Cyberattack Targeted Library of Congress in Tandem With October British Library Breach

• PRODUCT REVIEW: SYXSENSE ENTERPRISE

• DDoS Attack Size Increased by 233.33%, UDP-Based are Popular

• How Can Businesses Defend Themselves Against Common Cyberthreats?

• CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)

• Report: Global Ransomware Crisis Worsens

• Red Sea Crisis and the Risk of Cyber Fallout

• Microsoft to Enforce Executive Accountability for Cybersecurity

• How to Maintain Your Cyber Security Hygiene for a Vulnerability-free Environment

• ‘Four horsemen of cyber’ look back on 2008 DoD IT breach that led to US Cyber Command

• Ransomware Attacks Impact 20% of Sensitive Data in Healthcare Orgs

• Monday.com Removes “Share Update” Feature Abused for Phishing Attacks

• Exploited Chrome Zero-Day Patched by Google

• In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved

• New LLMjacking Used Stolen Cloud Credentials to Attack Cloud LLM Servers

• Russia-linked APT28 targets government Polish institutions

• Google fixes fifth actively exploited Chrome zero-day this year

• BSidesSF 2024: A Community Event Anchored To Hope For The Future Of Security

• CISA Explains Why it Doesn’t Call Out Tech Vendors by Name

• OpenAI To Announce Google Search Competitor Next Week – Report

• Widely Used Telit Cinterion Modems Open to SMS-based Device Takeover Attacks

• RSAC: Experts Highlight Novel Cyber Threats and Tactics

• Cyber Security Headlines: F5 Big-IP warning, UK Army breach, BetterHelp pays out

• Citrix Warns Customers to Update PuTTY Version Installed on Their XenCenter System Manually

• Regulators are Coming for IoT Device Security

• Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing

• What’s the Right EDR for You?

• Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

• Biden Admin Set To Impose Tariffs On Chinese Electric Vehicles

• CISA Starts CVE “Vulnrichment” Program

• RSA Conference 2024 – Announcements Summary (Day 4)

• 500,000 Impacted by Ohio Lottery Ransomware Attack

• HijackLoader Malware Attack Windows Via Weaponized PNG Image

• Develop Valuable Cyber Security Skills Over a Lifetime for Only $56

• Cybercriminals are Getting Faster at Exploiting Vulnerabilities

• Google Fixes Fifth Chrome Zero-Day Exploited in Attacks This Year

• SocGholish Sets Sights on Victim Peers

• Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671)

• Cyber Security Today, May 10 ,2024 – Patches for F5’s Next Central Manager released, Dell discovers data theft covering millions of buyers, and more

• North Korean Hackers Abusing Facebook & MS Management Console

• Singapore updates cybersecurity law to expand regulatory oversight

• Transparency is sorely lacking amid growing AI interest

• How implementing a trust fabric strengthens identity and network

• RSAC 2024: AI hype overload

• Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models

• Google Chrome Zero-day Exploited in the Wild, Patch Now

• Best Practices for Companies in protection of User Data

• Stack Overflow Users Delete Posts in Protest Over OpenAI Partnership

• Dell Hacked – Attackers Stolen 49 Million Customers Personal Information

• Britain NCSC faces Password Embarrassment

• Warning! Google Chrome Zero-day Vulnerability Exploited in Wild

• Citrix warns customers to update PuTTY version installed on their XenCenter system manually

• May 2024 Patch Tuesday forecast: A reminder of recent threats and impact

• How secure is the “Password Protection” on your files and drives?

• Researchers Hacked Apple Infrastructure Using SQL Injection

• Cybercriminals are getting faster at exploiting vulnerabilities

• Nmap 7.95 released: New OS and service detection signatures

• Selfie spoofing becomes popular identity document fraud technique

• GenAI enables cybersecurity leaders to hire more entry-level talent

• New infosec products of the week: May 10, 2024

• ISC Stormcast For Friday, May 10th, 2024 https://isc.sans.edu/podcastdetail/8976, (Fri, May 10th)

• Researchers Hacked into Apple Infrastructure Using SQL Injection

• The Post Millennial – 26,818,266 breached accounts

• 5 Reasons Structured Cabling Networks are Critical for IT Security Management

• Dell Discloses Data Breach As Hacker Sells 49 Million Customer Data

Generated on 2024-05-11 23:55:08.353465