IT Security News Daily Summary 2024-05-23

• Efficient Document Merging Strategies for Professionals

• Here’s yet more ransomware using BitLocker against Microsoft’s own users

• Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks

• Compromised courtroom recording software was served from vendor’s official site

• The SEC slaps NYSE’s parent company with a $10M fine for not immediately reporting a hack

• Casino cyberattacks put a bullseye on Scattered Spider – and the FBI is closing in

• Anthropic’s Generative AI Research Reveals More About How LLMs Affect Security and Bias

• Apple API Allows Wi-Fi AP Location Tracking

• Elon Musk Disagrees With US Tariffs On Chinese EVs

• Google guru roasts useless phishing tests, calls for fire drill-style overhaul

• IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries

• US Intelligence Agencies’ Embrace of Generative AI Is at Once Wary and Urgent

• GitHub Issues Patch for Critical Exploit in Enterprise Server

• Apple and Google are taking steps to curb the abuse of location-tracking devices — but what about others?

• WhatsApp Engineers Fear Encryption Flaw Exposes User Data, Memo

• He Trained Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark-Web Drug Market

• CISA Warns of Actively Exploited Apache Flink Security Vulnerability

• Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

• Former Cybersecurity Boss Warns UK Not Heeding China Threat

• He Trained Crypto Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark Web Drug Market

• Randall Munroe’s XKCD ‘Exponential Growth’

• Sharenting: What parents should consider before posting their children’s photos online

• The 10 most common ERP security issues and ways to fix them

• Cisco Live Customer Experience Activations and Sweepstakes

• New Bitcoin Token Protocol “Runes” Carries Potential Phishing Risk

• How I got started: AI security researcher

• The WAF Oath: Primum Non Nocere | Impart Security

• Cybercriminals Exploit Cloud Storage For SMS Phishing Scams

• Deepfakes turn into second most common cybersecurity incident

• 93% of vulnerabilities unanalyzed by NVD since February

• A Leak of Biometric Police Data Is a Sign of Things to Come

• What America’s Federal Privacy Bill Means for Data Protection

• YouTube Threatens To Block Russian Protest Group’s Anti-War Content

• 8 Best Penetration Testing Tools and Software

• Cybercriminals are Targeting Elections in India With Influence Campaigns

• Defending Digital Frontiers: Strategies for Organizations in an Unstable World

• Indian Election Faces Cyber-Attacks, Data Leaks on Dark Web

• Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024)

• Guntech 2.5 to Launch in Upland’s Gaming Ecosystem

• AutomationDirect Productivity PLCs

• Navigating Multicloud Security: How MSPs Can Leverage the Cloud Protection Suite to Secure their Customers

• Chinese Hackers Hide on Military and Government Networks for Six Years

• Veeam says critical flaw can’t be abused to trash backups

• Compromised recording software was served from vendor’s official site, threat researchers say

• New Frontiers, Old Tactics: Chinese Espionage Group Targets Africa & Caribbean Govts

• 55,000 Impacted By Cyberattack On California School Association

• Veeam Patches Critical Flaw That Puts Enterprise Backups At Risk

• 70% Of CISOs Worry Their Org Is At Risk Of A Material Cyber Attack

• VMware Abused In Recent MITRE Hack For Persistence, Evasion

• How Apple Wi-Fi Positioning System Can Be Abused To Track People Around The Globe

• Microsoft’s Recall Stokes Security and Privacy Concerns

• VMware Abused in Recent MITRE Hack for Persistence, Evasion

• Hospitals Hacked: Urgent Care Needed

• Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques

• Breach Forums Plans Dark Web Return Despite FBI Crackdown

• ICO Warns PSNI It Faces £750k Fine Over Data Breach

• Analog Launches Testnet, Allocates 2% Token Supply for Participants

• Consumer Industries at Cisco Live 2024

• U.S. House Panel Takes on AI Security and Misuse

• Keylogger Malware Campaign Exploits Microsoft Exchange Server Flaws to Hit Over 30 Victims

• 70% of CISOs worry their org is at risk of a material cyber attack

• Chinese Espionage Campaign Expands to Target Africa and The Caribbean

• Estimate the financial benefits of using CloudGuard Network Security

• 10 Years in Prison for $4.5 million BEC Scammer Who Bought Ferrari to Launder Money

• APT41: The threat of KeyPlug against Italian industries

• CLOUD#REVERSER Campaign Leverages Cloud Storage for Malware Delivery

• Cybersecurity Labeling for Smart Devices Aims to Help People Choose Items Less Likely to be Hacked

• 55,000 Impacted by Cyberattack on California School Association

• Bolster Raises $14 Million for AI-Powered Phishing Protection

• Ransomware Fallout: 94% Experience Downtime, 40% Face Work Stoppage

• Major Security Flaw Discovered in Popular Cloud Logging Tool

• NVD Leaves Exploited Vulnerabilities Unchecked

• Snowflake’s Anvilogic Investment Signals Changes in SIEM Market

• Consumer-Grade Spyware App Found on US Hotel Check-in Computers

• Legacy Windows OSes Fall Prey to Rapid Online Attacks

• LastPass Rolls Out URL Encryption In Password Vaults

• Demystifying Multicloud Networking with Cisco Multicloud Defense

• ShrinkLocker: Turning BitLocker into ransomware

• Creating a Security Program with Less Complexity and More Visibility

• Apple’s Wi-Fi Positioning Can Be System Abused To Track Users

• Inside Operation Diplomatic Specter: Chinese APT Group’s Stealthy Tactics Exposed

• Are Your SaaS Backups as Secure as Your Production Data?

• Bugcrowd, the crowdsourced white-hat hacker platform, acquires Informer to ramp up its security chops

• Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

• Heimdal to Showcase Widest Cybersecurity Tech Stack at Infosecurity Europe 2024

• Apple Wi-Fi Positioning System Open to Global Tracking Abuse

• Rockwell Automation Urges Disconnection of ICS from the Internet

• NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack

• 400,000 Impacted by CentroMed Data Breach

• Newly Detected Chinese Group Targeting Military, Government Entities

• Why We Need to Get a Handle on AI

• Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report

• EU Data Centers to Report Energy and Water Use Under New Rules

• National Records of Scotland Data Breached in NHS Cyber-Attack

• Apple Appeals Against EU’s $2bn Music Streaming Fine

• Spyware App Found Running on Multiple US Hotel Check-In Computers

• OpenText Acquires Cybersecurity MDR Platform for MSPs

• Personal AI Assistants and Privacy

• Former White House Cyber Official Jeff Greene to Join CISA

• How AI will change your credit card behind the scenes

• My 5 must-have extensions for Firefox on Android (and what I use them for)

• Using AI, Mastercard Expects to Find Compromised Cards Quicker, Before They Get Used by Criminals

• GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)

• How Do We Build a Security Program to Thwart Deepfakes?

• Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia

• OpenAI Agrees Content Deal With News Corp

• SEC Fines NYSE Owner ICE for Delay in Reporting VPN Breach

• Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

• Cybersecurity News: NY Stock Exchange owner fined, $50 million towards hospital security, LockBit no longer reigns supreme

• Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

• Scammers are Selling Fake NSO Pegasus Spyware

• OpenText Boosts MDR Offering for MSPs With Pillr Acquisition

• Watch on Demand: Threat Detection and Incident Response (TDIR) Summit

• OneTrust helps organizations meet the framework requirements

• GitHub Fixes Maximum Severity Flaw in Enterprise Server

• A journey into forgotten Null Session and MS-RPC interfaces

• UK data watchdog wants six figures from N Ireland cops after 2023 data leak

• RSAC Fireside Chat: Qwiet AI leverages graph-database technology to reduce AppSec noise

• Dota2 – 1,907,205 breached accounts

• PSNI Faces £750,000 Data Breach Fine After Spreadsheet Leak

• SOCRadar raises $25.2 million to accelerate investments in key areas

• What happens when AI goes rogue (and how to stop it)

• A consumer-grade spyware app found in check-in systems of 3 US hotels

• Server-Side Credit Card Skimmer Lodged in Obscure Plugin

• HHS pledges $50M for autonomous vulnerability management solution for hospitals

• Microsoft Replacing VBScript With JavaScript & PowerShell

• How Apple Wi-Fi Positioning System can be abused to track people around the globe

• Would you buy Pegasus spyware from this scammer?

• The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell

• Cyber Threat news headlines trending on Google

• Frida-JIT-unPacker: An Imperva Contribution to the Security Research Community, Presented at Black Hat Asia 2024

• CISOs pursuing AI readiness should start by updating the org’s email security policy

• Strategies for transitioning to a SASE architecture

• Ransomware fallout: 94% experience downtime, 40% face work stoppage

• ‘China-aligned’ spyware slingers operating since 2018 unmasked at last

• Machine identities lack essential security controls, pose major threat

• 2024 sees continued increase in ransomware activity

• The Crux of Android 14 Application Migration and Its Impact

• ISC Stormcast For Thursday, May 23rd, 2024 https://isc.sans.edu/podcastdetail/8994, (Thu, May 23rd)

• Human Error and AI Emerge as Key Challenges in Survey of CISOs

• BTS #30 – Systems Of Trust – Robert Martin

• Lawmakers advance bill to tighten White House grip on AI model exports

• Analysis of ?redtail? File Uploads to ICS Honeypot, a Multi-Architecture Coin Miner [Guest Diary], (Wed, May 22nd)

• Nominations Open for 2024 EFF Awards!

• Go after UnitedHealth, not us, 100+ medical groups urge Uncle Sam

• 15 Best DevSecOps Tools for Seamless Security in 2024

• IT Security News Daily Summary 2024-05-22

• Microsoft Build 2024: Copilot AI Will Gain ‘Personal Assistant’ and Custom Agent Capabilities

• New APT Group “Unfading Sea Haze” Hits Military Targets in South China Sea

• How to find out if an AirTag is tracking you

• USENIX Security ’23 – PET: Prevent Discovered Errors from Being Triggered in the Linux Kernel

• Prompt Injection Threats Highlight GenAI Risks

• ISPM & ITDR Synergize for AI-Based Identity Security

• Sustainability 101: What is a resilient ecosystem?

• SOCRadar Raises $25M Series B for Threat Intel Tech

• Canada’s London Drugs confirms ransomware attack after LockBit demands $25M

• NYSE parent gets $10M wrist tap for failing to report 2021 systems break-in

• How to change your IP address, why you’d want to – and when you shouldn’t

• Security Compliance 101: What It Is and How to Master It

• 15 Best DevSecOps Tools For Seamless Security in 2024

• Spyware found on US hotel check-in computers

• Critical Veeam Backup Enterprise Manager authentication bypass bug

• Ransomware, BEC, GenAI Raise Security Challenges

• CFO Deepfake Redux — Arup Lost $26M via Video

• Microsoft Recall Triggers Enquiry From UK Data Regulator

• AttackGen- A MITRE ATT&CK framework For Cybersecurity Incident

• The best identity theft protection and credit monitoring services of 2024

• The best travel VPNs of 2024: Expert tested and reviewed

• Laundering cash from healthcare, romance scams lands US man in prison for a decade

• Hackers Sell Fake Pegasus Spyware on Clearnet and Dark Web

• Cybercriminals are targeting elections in India with influence campaigns

• What You Need to Know About SEC Compliance Requirements

• Upcoming Honor Smartphones To Feature Google AI Tech

• Confused by the SEC’s breach reporting rules? Read this

• Top things to do at InfoSecurity Europe 2024 – Learn, Explore and Have Fun

• Virtual Event Now Live: Threat Detection and Incident Response (TDIR) Summit

• Cybersecurity Risks and Solutions for Millennials and Gen Z

• Patient Privacy at Risk: Experts React to Health Company Data Leak

• Enhancing Workplace Security and Productivity with Effective Web Filtering

• Report Reveals 341% Rise in Advanced Phishing Attacks

• Google shows Microsoft Cybersecurity failures to US Government to gain business

• Amazon To Refresh Alexa With AI, Charge Monthly Subscription – Report

• Ikaruz Red Team Leveraging LockBit Builder To Launch Ransomware Attacks

• Turla Hackers Leveraging Microsoft Build Engine To Deliver Malware Stealthily

• Why IT Leaders Are Evolving the Network into a High-Performance Digital Engine

• Congo Lawyers Say They Have New Evidence On Apple’s Minerals Supply Chain

• LockBit Dethroned As Ransomware Leader Since Takedown

• Uncle Sam To Inject $50M Into Auto-Patcher For Hospital IT

• Microsoft’s AI Recall Feature Raises Security, Privacy Concerns

• Researchers Spot Cryptojacking Attack That Disables Endpoint Protections

• USENIX Security ’23 – USENIX Security ’23 – Content-Type: multipart/oracle – Tapping into Format Oracles in Email End-to-End Encryption

• Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries

• UserPro Plugin Vulnerability Allows Account Takeover

• Up to 30X Faster PHP Malware Scans with Wordfence CLI 4.0.1

• Top 7 generative AI development companies

• Electric Vehicles Twice As Likely To Hit Pedestrians – Study

• As tech evolves at full tilt, power skills are critical for IT leaders

• Stopping ransomware in multicloud environments

• Arctic Wolf CPO: Most AI deployment is generic, ‘pretty weak’

• Bolster, creator of the CheckPhish phishing tracker, raises $14M led by Microsoft’s M12

• Fortifying Digital Health Against Cyber Attacks

• Indian Govt Targets Cyber Criminals: DoT To Deactivate 1.8 Million SIMs

• Chinese Hackers Rely on Covert Proxy Networks to Evade Detection

• An ongoing malware campaign exploits Microsoft Exchange Server flaws

• BeyondTrust vs. Delinea: Which Is Best for Privileged Access Management?

• Strengthening Cyber Defense with Threat Intelligence Operations

• Strike Graph VerifyAI gives businesses flexibility and control for audits

• IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders

• Breaking Down the WebTPA Data Breach: Expert Analysis and Perspectives

• Teslas Can Still Be Stolen With a Cheap Radio Hack—Despite New Keyless Tech

• Rockwell Automation Urges Customers to Disconnect ICS From Internet

• US to Invest $50 Million in Securing Hospitals Against Cyber Threats

• Criminal IP: Enhancing Security Solutions through AWS Marketplace Integration

• Block Ads and Boost Security with AdGuard DNS

• Revolutionizing Connectivity: The Rise of iSIMs in the Mobile Industry

• Google Unhappy: Microsoft’s Cybersecurity Struggles: What Went Wrong?

• Safeguard Your Future with Seven Layers of Data Resilience

• Stealerium Malware Targeting Wi-Fi Networks, Outlook to Steal Login Credentials

• PlexTrac Plex AI helps offensive security teams write reports

• Kelp DAO Secures $9 Million in Private Sale for Restaking Innovations

• Zoom Announces Advanced Encryption for Increased Meeting Security

• Public Sector at Cisco Live 2024

• A Consolidated Approach to Fraud: Bringing Together Risk Insights, Organizations and Technology

• Critical Authentication Bypass Resolved in GitHub Enterprise Server

• Critical Veeam Vulnerability Leads to Authentication Bypass

• Exploring the Role of ISO/IEC 42001 in Ethical AI Frameworks

• AU10TIX Risk Assessment Model identifies potential vulnerabilities

• Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats

• From trust to trickery: Brand impersonation over the email attack vector

• EU Countries Endorse AI Act, Due Next Month

• Critical SAML Auth Bypass Vulnerability Found in GitHub Enterprise Server

• Windows’ new Recall feature: A privacy and security nightmare?

• NMAP Scanning without Scanning (Part 2) – The ipinfo API, (Wed, May 22nd)

• Hackers Claiming Access to Qatar National Bank Database

• AI in Cyber Is Here to Stay — How to Weather This Sea Change

• More Than 70% of Surveyed Water Systems Failed to Meet EPA Cyber Standards

• Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution

• Virtual Event Today: Threat Detection and Incident Response (TDIR) Summit

• Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager

• Breakthrough for Solv Protocol: $1 Billion TVL, Now a Top 32 DeFi Player

• Cloud-Based Malware Attack Abusing Google Drive & Dropbox

• Unredacting Pixelated Text

• GhostEngine Mining Attacks Kill EDR Security Using Vulnerable Drivers

• OmniVision Technologies Cyber Attack, Hackers Stolen Personal Data in Ransomware Attack

• Criminal record database of millions of Americans dumped online

• LockBit dethroned as leading ransomware gang for first time post-takedown

• How to Change Your VPN Location (A Step-by-Step Guide)

• ARPA-H Pledges $50M for Hospital IT Security Auto-Patching

• The Ultimate SaaS Security Posture Management Checklist, 2025 Edition

• Mastercard Doubles Speed of Fraud Detection with Generative AI

• SpaceX Demos First Video Call Of T-Mobile’s Direct To Cell Service

• Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!

• Snapchat Revises AI Privacy Policy Following UK ICO Probe

• Beware – Your Customer Chatbot is Almost Certainly Insecure: Report

• Chrome 125 Update Patches High-Severity Vulnerabilities

• Join Us 06-07-24 for “Hacking SOC 2 Vs. ISO 27001” – Super Cyber Friday

• Optimizing LMS Integration: 7 Strategies for Enhanced Blended Learning

• Stealers, stealers and more stealers

• Set of Bugs Puts Software Company and IoT Device Makers Into Motion

• GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack

• US Unveils $50M Program to Help Hospitals Patch Cybersecurity Gaps

• Cybersecurity News: UK ransomware reporting, Tech Against Scams, secure Windows 11 defaults

• Microsoft AI “Recall” feature records everything, secures far less

• Top 7 Cybersecurity Trends for Enterprises in 2024

• HITRUST: the Path to Cyber Resilience

• 15 Best DevSecOps Tools For Seamless Security In 2024

• Exploring the Depths of SolarMarker’s Multi-tiered Infrastructure

• Authelia: Open-Source Authentication and Authorization Server

• UK Government in £8.5m Bid to Tackle AI Cyber-Threats

• Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

• Choosing the Right Pricing Intelligence Solution for Your Business

• 100 Groups Urge Feds to Put UHG on Hook for Breach Notices

• Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)

• CyberArk CORA AI accelerates identity threat detection

• Authorized Push Payment Fraud Cases Surge 12% Annually

• Hackers run away with 3,000 gallons of fuel stolen from a gas station in Washington

• OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

• Zoom Adds ‘Post-Quantum’ Encryption for Video Conferencing

• Veeam Warns of Critical Backup Enterprise Manager Auth Bypass Bug

• Threat Actors Leverage Bitbucket Artifacts to Breach AWS Accounts

• Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code

• GitHub Enterprise Server patches 10-outta-10 critical hole

• OneTrust empowers organizations to govern data and AI without slowing down innovation

• MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks

• Bridging the NHI security gap: Astrix and Torq partner up

• LockBit demands $25 million from London Drugs in 48 hours

• Can a Cyber Threat Abruptly Evolve into a Ransomware Attack

• Hackers Breached Western Sydney University Microsoft 365 & Sharepoint Environments

• Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings

• QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances

• Authelia: Open-source authentication and authorization server

• Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass

• Cybersecurity jobs available right now: May 22, 2024

• CEOs accelerate GenAI adoption despite workforce resistance

• Technological complexity drives new wave of identity risks

• Kentik for Ansible Automation Platform now certified with Red Hat

• ISC Stormcast For Wednesday, May 22nd, 2024 https://isc.sans.edu/podcastdetail/8992, (Wed, May 22nd)

• Uncle Sam to inject $50M into auto-patcher for hospital IT

• Hackers Leverage AI as Application Security Threats Mount

• AI Companies Make Fresh Safety Promise at Seoul Summit, Nations Agree to Align Work on Risks

• FUD: How Fear, Uncertainty, and Doubt can ruin your security program

• Back to Cooking: Detection Engineer vs Detection Consumer, Again?

Generated on 2024-05-23 23:55:12.019745