IT Security News Daily Summary 2024-05-30

• Proofpoint’s CISO 2024 Report: Top Challenges Include Human Error & Risk

• Trump Guilty On All 34 Felony Counts

• What is extortionware? How does it differ from ransomware?

• CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

• Law enforcement conducts ‘largest ever’ botnet takedown

• The 7 core pillars of a zero-trust architecture

• AI Threat Scenario, GuLoader, DarkGate, MirrorBlast, Kutaki Stealer and More – Hacker’s Playbook Threat Coverage Round-up: May 2024

• Top 6 benefits of zero-trust security for businesses

• Experts found a macOS version of the sophisticated LightSpy spyware

• ShinyHunters Claims Santander Bank Breach: 30M Customers’ Data for Sale

• Is Imitation A Form Of Flattery? Scarlett Johansson Doesn’t Think So | Avast

• Cybersecurity Management Lessons from Healthcare Woes

• Ecuador Is Literally Powerless in the Face of Drought

• Mitigate Http/2 continuations with Imperva WAF

• Do you need an anti-spy camera finder and bug detector? How they work

• Zero-day flaw in Check Point VPNs is ‘extremely easy’ to exploit

• CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

• Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks

• Analysis: US Sanctions Target Chinese Botnet Behind COVID Relief Theft

• The best VPN for streaming in 2024: Expert tested and reviewed

• The best travel VPNs of 2024: Expert tested and reviewed

• Euro cops disrupt malware droppers, seize thousands of domains

• E80 Group secures its AGVs with Cisco industrial solutions and Italtel system integration

• Investing in Cloud Infrastructure in the Kingdom of Saudi Arabia

• Important details about CIRCIA ransomware reporting

• Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach?

• Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero

• FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

• Beware of scammers impersonating Malwarebytes

• 4 Arrested as Operation Endgame Disrupts Ransomware Botnets

• What Is Cloud Security Management? Types & Strategies

• Solaris SE partners with Salt Security

• Ticketmaster Hack Ticks Off 560M Customers in 1.3TB Breach

• Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors

• Europol-Led Operation Endgame Hits Botnet, Ransomware Networks

• Eurojust conducts operation to shut malware and ransomware spreading botnets

• USENIX Security ’23 – Curve Trees: Practical and Transparent Zero-Knowledge Accumulators

• AI Transforming Education in the South East: A New Era for Schools

• Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024)

• We Made It, Together: 20 Years of VirusTotal!

• May 2024 Web Server Survey

• ‘Operation Endgame’ Hits Malware Delivery Platforms

• NIST Getting Outside Help for National Vulnerability Database

• Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors

• Investigating the Potential Benefits of Periodic iPhone Shutdowns

• First American Reveals Data Breach Impacting 44,000 Individuals

• RedTail Cryptominer Threat Actors Adopt PAN-OS CVE-2024-3400 Exploit

• Toshiba Email Compromise Leaks Social Security Numbers – Analysis

• Is Microsoft Recall a ‘privacy nightmare’? 7 reasons you can stop worrying about it

• Baxter Welch Allyn Connex Spot Monitor

• Inosoft VisiWin

• Inspiring Innovation at Cisco Live Las Vegas 2024

• Cross-Team Collaboration is Vital for Organizations in Today’s Digital Landscape

• I purchased a luxury vacation to Aruba for only $151.73 – thanks to credential stuffing

• RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign

• RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

• What Is ShrinkLocker? New Ransomware Targets Microsoft BitLocker Encryption Feature

• Cisco Firepower Management Center Impacted By a High-Severity Vulnerability

• Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

• Cybercriminals raid BBC pension database, steal records of over 25,000 people

• Fuji Electric Monitouch V-SFT

• LenelS2 NetBox

• The power of community helps Cisco Insider Rob Taylor bring innovation to his customers.

• Researchers Crack 11-Year-Old Password, Recover $3 Million In Bitcoin

• FBCS Data Breach Impact Grows To 3.2 Million Individuals

• Massive 911 S5 Botnet Dismantled, Mastermind Arrested

• Critics Of Putin And His Allies Targeted With Spyware Inside The EU

• Australia Looking Into Alleged Ticketmaster Hack

• 16-29 February 2024 Cyber Attacks Timeline

• Top 7 Database Security Best Practices

• Strata Identity Wins 2024 Fortress Cybersecurity Award from Business Intelligence Group

• Analysis Uncovers Raft of Identity Issues in the Cloud

• History Meets Hackers: Internet Archive Battles Ongoing DDoS Attacks

• Centripetal Expands Portfolio with DNS Offering

• “Largest Botnet Ever” Disrupted. 911 S5’s Alleged Mastermind Arrested

• IT worker sued over ‘vengeful’ cyber harassment of policeman who issued a jaywalking ticket

• Revolutionizing Education in South Australia: Strong Networks, Strong Learning

• Full Drive Encryption Only a Half-Measure for Data Security

• Ask the Analyst: Nisos Anti-scraping Expert Scott Tessier

• Iranian Hacker Group Void Manticore Linked to Destructive Cyber Attacks on Israel and Albania

• Stopping Cloud-Based Identity Attacks with Push Security

• Pop Culture Passwords Most Likely to Get You Hacked, New Study

• Progress Telerik Report Server Flaw Let Attackers Bypass Authentication

• FBCS Data Breach Impact Grows to 3.2 Million Individuals

• TrickBot and Other Malware Droppers Disrupted by Law Enforcement

• How to Build Your Autonomous SOC Strategy

• LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader

• CryptoChameleon Kit With Group of Tools Propagate Phishing Quickly into Infrastructure

• Managing Firewall complexity and Augmenting Effectiveness with AIOps for Cisco Firewall

• Cisco Secure Firewall integrates with Azure Virtual WAN (vWAN) to simplify firewall insertion in Azure environments

• Shifting gender stereotypes: ten years of Women Rock-IT

• Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested

• 8 Degrees of Secure Access Service Edge

• Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication

• Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware

• Spring Cloud Data Flow Let Attackers Compromise The Server

• Top 6 Database Security Solutions Available in 2024

• Supply Chain Attack against Courtroom Software

• IBM spin-off Kyndryl accused of discriminating on basis of age, race, disability

• Do VPNs Change or Hide Your IP Address?

• The Ticketmaster “breach”—what you need to know

• Pretty much all of the headaches affecting MSPs are due to cybersecurity

• NIST says NVD will be back on track by September 2024

• BlackRock $20bn ETF Becomes World’s Biggest Bitcoin Fund

• OpenAI Board ‘Not Aware Of ChatGPT Launch’

• Meta Finds Facebook Propaganda Network Using Generative AI

• HP Sales Beat Expectations As PCs Return To Growth

• The Unusual Espionage Act Case Against a Drone Photographer

• US-Led Operation Takes Down World’s Largest Botnet

• Recruiting From the Help Desk

• Employee Termination Policy

• Check Point VPN Attacks Involve Zero-Day Exploited Since April

• Ransomware Attack Disrupts Seattle Public Library Services

• VMware Workstation and Fusion: Critical Security Flaws Fixed

• Cybersecurity News:  New NK hackers, Dutch bank breached, Wayback Machine attacked

• Operation Endgame, the largest law enforcement operation ever against botnets

• RSAC Fireside Chat: Start-up Anetac rolls out a solution to rising ‘service accounts’ exposures

• U.S. Dismantles World’s Largest 911 S5 Botnet, with 19 Million Infected Devices

• Elevate Your IAM Strategy with Thales at EIC 2024

• Threat Hunting 101: Five Common Threats to Look For

• Former FTX Executive Ryan Salame Sentenced To Seven Years

• Shark Tank Host Launches Crowdfunding Site For TikTok Buy

• Law enforcement operation dismantled 911 S5 botnet

• #Infosec2024: Why Credential-Based Attacks Need Modern Solutions

• Okta Warns Credential Stuffing Attacks Targeting Customer Identity Cloud

• London Woman Jailed For Six Years For Laundering Bitcoin

• Okta warns of credential stuffing attacks targeting its Cross-Origin Authentication feature

• Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

• Feeding MISP with OSSEC, (Thu, May 30th)

• Hackers Claiming Shell Data Breach On Popular Hacking Forum

• Cyber Attack news headlines trending on Google

• Indian stock exchange finally encrypting all messages to traders

• Operation Endgame – 16,455,383 breached accounts

• Decoding Water Sigbin’s Latest Obfuscation Tricks

• ESET World 2024: Big on prevention, even bigger on AI

• What is Security Orchestration?

• Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package

• 59% of public sector apps carry long-standing security flaws

• A Year of Opportunity: Our Role in Empowering Global Progress

• Identity-related incidents becoming severe, costing organizations a fortune

• NIST unveils ARIA to evaluate and verify AI capabilities, impacts

• ISC Stormcast For Thursday, May 30th, 2024 https://isc.sans.edu/podcastdetail/9002, (Thu, May 30th)

• Chinese national cuffed on charges of running ‘likely the world’s largest botnet ever’

• Malicious PyPI Package ‘Pytoileur’ Targets Windows and Leverages Stack Overflow for Distribution

• Miscreants claim they’ve snatched 560M people’s info from Ticketmaster

• Chinese EV makers, and their connected vehicles, targeted by new House bill

• The Alaska Supreme Court Takes Aerial Surveillance’s Threat to Privacy Seriously, Other Courts Should Too

• Ticketmaster Hacked, Personal Data of 560 Million Customers Leaked, ShinyHunters Claim

• NIST Struggles with NVD Backlog as 93% of Flaws Remain Unanalyzed

• IT Security News Daily Summary 2024-05-29

• ‘Largest Botnet Ever’ Tied to Billions in Stolen Covid-19 Relief Funds

• A Plan to Protect Critical Infrastructure from 21st Century Threats

• How to converge networking and security teams: Key steps

• Multi-day DDoS storm batters Internet Archive

• Chinese EVs – and their connected tech – are the next target of US lawmakers

• USENIX Security ’23 – Dubhe: Succinct Zero-Knowledge Proofs for Standard AES and related Applications

• Scammers Build Fraud Campaigns Around Free Piano Offers

• Is Your Computer Part of ‘The Largest Botnet Ever?’

• Check Point released hotfix for actively exploited VPN zero-day

• Top 6 Managed Detection & Response (MDR) Providers in 2024

• From Trend to Mainstay: The Unstoppable Force of Managed Services

• From IT Pro to Swiftie, Scott Sardella’s Winning Big with Cisco Insider Advocates

• Don’t Let the Sun Go Down on Section 230 | EFFector 36.7

• Cybercriminals Abuse StackOverflow to Promote Malicious Python Package

• Christie’s Auction House Hacked, Sensitive Data from 500,000 Customers Stolen

• Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

• 6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy

• Why healthcare data is often the target of ransomware attacks

• House bill would ban Chinese connected vehicles over security concerns

• Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges

• New Generative AI category added to Talos reputation services

• Retail Tech Deep-Dive: Meraki Security

• Integration of Cisco Secure Threat Defense Virtual with Megaport

• #MIWIC2024 One To Watch: Ellie Calver, Cybersecurity Apprentice at BT

• How to turn off location tracking on iOS and iPadOS

• USENIX Security ’23 – PROGRAPHER: An Anomaly Detection System based on Provenance Graph Embedding

• Advance Fee Fraud Targets Colleges With Free Piano Offers

• Microsoft uncovers North Korea Moonstone Sleet

• Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

• Check Point discovers vulnerability tied to VPN attacks

• Defend Your Business: Testing Your Security Against QakBot and Black Basta Ransomware

• Check Point Warns of Zero-Day Attacks on its VPN Gateway Products

• Geoffrey Hinton Discusses Risks and Societal Impacts of AI Advancements

• New PyPI Malware “Pytoileur” Steals Crypto and Evades Detection

• Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha

• AI, Deepfakes and Digital ID: The New Frontier of Corporate Cybersecurity

• Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution

• Transcend Raises $40 Million for Data Privacy Platform

• A NIST AI RMF Summary

• You Know You Need GenAI Policies, Right?

• 400% Increase in MoD Data Breaches Sparks Fears of Cyber Threats from Russia and China

• Hackers exploited “Free VPN” to build massive fraud botnet, hit with US sanctions

• Severe Vulnerability Fixed In Cisco Firepower Management Center

• North Korea Building Cash Reserves Using Ransomware, Video Games

• Top Lieutenant To Crypto King Jailed For Seven Years

• US Sanctions Three Chinese Men For Operating 911 S5 Botnet

• Netflix Paid Out Over $1 Million Via Bug Bounty Program

• BreachForums Returns Just Weeks After FBI-Led Takedown

• A Wider View on TunnelVision and VPN Advice

• Risks of Generative AI for Organisations and How to Manage Them

• Combatting International Spoofed Calls: India’s New Measures to Protect Citizens

• Protect and Elevate Your DNS with Akamai Shield NS53

• How to turn off location tracking on Android

• US Sanctions Three Chinese Men for Operating 911 S5 Botnet

• AI Market Research: The Pivotal Role of Generative AI in Cyber Security

• Keeper Unveils Revamped Browser Extension

• Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?

• From Courtroom to Cyber Threat: The JAVS Viewer 8 Incident

• Internet Archive Disrupted by Sustained and “Mean” DDoS Attack

• North Korea building cash reserves using ransomware, video games

• Industrials at Cisco Live 2024

• How Empathetic Leadership Can Shape the Future of Inclusion in Cybersecurity

• Truecaller AI Call Scanner detects AI voice clones in real-time

• Moonstone Sleet: A new North Korean threat actor

• The Idea of Web3 and 7 Global Web3 Agencies

• Ransomlord – Anti-Ransomware Exploitation Tool

• Top 6 Managed Detection and Response (MDR) Providers in 2024

• BreachForums resurrected after FBI seizure

• New Endpoint Protection Platform by Cigent Blocks Ransomware at the Data Level

• Europe’s Cybersecurity Chief Says Disruptive Attacks Have Doubled in 2024, Sees Russia Behind Many

• New North Korean Threat Actor Engaging in Espionage, Revenue Generation Attacks

• Zendata Emerges From Stealth With Data Security, AI Governance Solutions

• New Research Warns About Weak Offboarding Management and Insider Risks

• U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams

• Blocksquare Hits $100M Tokenized RWA Triggering Launchpad Release

• 10 Best SIEM Tools for 2024

• Strengthening Data Security to Protect Consumers

• #Infosec2024: How Williams Racing Relies on Data Security for Peak Performance

• OpenAI Creates AI Safety Committee After Criticism

• EU Eyes Telegram User Numbers As It Nears Regulatory Threshold

• Nvidia Value Nears Apple As Shares Surge

• Musk’s Neuralink Seeks Patients For Clinical Trial

• GMO GlobalSign introduces Certificate Automation Manager

• Privacy Implications of Tracking Wireless Access Points

• Personal Information of 44,000 Compromised in First American Cyberattack

• ASML and TSM Face Uncertain Future in Event of Chinese Assault on Taiwan

• How fraudsters stole $37 million from Coinbase Pro users

• Microsoft Uncovers ‘Moonstone Sleet’ — New North Korean Hacker Group

• ELLIO and ntop Partnership Enhances Real-Time Network Traffic Monitoring

• Hiring Kit: Cryptography Engineer

• Price Drop: This Complete Ethical Hacking Bundle is Now $40

• New North Korean Hacking Group Identified by Microsoft

• Join Us 06-14-24 for “Hacking the Conversation Around Risk” – Super Cyber Friday

• PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992)

• Cybersecurity News: BreachForums returns, First American data breach, Chinese nationals sanctioned

• Netflix Paid Out Over $1 Million via Bug Bounty Program

• Dashlane Nudges reduces the risk of credential theft

• #Infosec2024: Decoding SentinelOne’s AI Threat Hunting Assistant

• Cyber Security Today, May 29, 2024 – A new North Korean ransomware gang spotted, and more

• ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic scans, botnets, and mass attacks.

• Introducing Sekoia TDR

• TikTok Challenge To US Ban Law Gets September Hearing

• Tencent Uses AI To Help Decipher Ancient Chinese Script

• Transcend raises $40 million to address data privacy issues

• Tracking Threat Actors Using Images and Artifacts

• Data Destruction: The Final Line of Defense Against Cyber Attacks

• EU Is Tightening Cybersecurity for Energy Providers

• BreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?

• Study Finds Public Interest In AI Lags Industry Hype

• ABN Amro discloses data breach following an attack on a third-party provider

• Understanding Material Cybersecurity Breaches and Material Cyber Attacks

• Simplify 5G Fixed Wireless Access and Scale Secure Connectivity to More Places

• Symmetry Systems Unveils State of Data+AI Security: Dormant data growing 5X Year on Year, while 1/4 of Identities haven’t accessed Any Data in over 90 days.

• Data Entry Job Offers in Southeast Asia Could Be Cyber Crime Traps

• Customer Identity and Access Management (CIAM) 101

• Avoiding the cybersecurity blame game

• RansomLord: Open-source anti-ransomware exploit tool

• Cybersecurity jobs available right now: May 29, 2024

• A closer look at GenAI impact on businesses

• Spyware maker pcTattletale says it’s ‘out of business’ and shuts down after data breach

• 
Is that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary], (Tue, May 28th)

• ISC Stormcast For Wednesday, May 29th, 2024 https://isc.sans.edu/podcastdetail/9000, (Wed, May 29th)

• Is that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary], (Tue, May 28th)

• Using Scary but Fun Stories to Aid Cybersecurity Training

Generated on 2024-05-30 23:55:09.207460