IT Security News Daily Summary 2024-06-05

• Malware can steal data collected by the Windows Recall tool, experts warn

• Dependency Injection

• Win for Free Speech! Australia Drops Global Takedown Order Case

• What is RansomHub? Looks like a Knight ransomware reboot

• Who are these RansomHub cyber-thieves? Looks like a Knight ransomware reboot

• Database Mess Up: Aussie Food Giant Patties Foods Leaks Trove of Data

• Cybersecurity Training Reduces Phishing Threats – With Numbers to Prove It

• Marketing Vs. Reality—What We Can Learn From The Ashley Madison Hack | Avast

• Cisco Talos: LilacSquid Threat Actor Targets Multiple Sectors Worldwide With PurpleInk Malware

• RansomHub Rides High on Knight Ransomware Source Code

• Vulnerability in Cisco Webex cloud service exposed government authorities, companies

• What is a cloud security framework? A complete guide

• Kali Linux 2024.2 released: 18 new tools, countless updates

• Few But High-Profile TikTok Accounts Hacked Via Zero-Click Attack in DM

• Emergency patches released for critical vulns impacting EOL Zyxel NAS boxes

• SUSE Linux Enterprise Server (SLES)

• How Proactive Responsible Radical Transparency Benefits Customers

• Bridging the gap between legacy tools and modern threats: Securing the cloud today

• Cisco Live 2024: New Unified Observability Experience Packages Cisco & Splunk Insight Tools

• Unseen Challenges in OT Security with DirectDefense

• How Proactive Responsible Transparency Benefits Customers

• Polish State Media Targeted in Alleged Russian-Backed Cyberattack

• Chinese State-Sponsored Operation “Crimson Palace” Revealed

• #Infosec 2024: Small Firms Need to Work Smarter to Stretch Security Budgets

• NHS Ransomware Attack 2024 launched by Russia

• Google Must Face $17 Billion Adtech Lawsuit, Tribunal Rules

• CEO Corner: Preparing for the Unavoidable – Why Incident Response Readiness is Non-Negotiable

• USENIX Security ’23 – HOMESPY: The Invisible Sniffer of Infrared Remote Control of Smart TVs

• Global Resurgence of Grandoreiro Banking Trojan Hitting High

• CISA Hosts First Annual Information and Communications Technology Supply Chain Risk Management Task Force Conference

• Outshift by Cisco Releases Motific’s AI Capabilities with the Power of Mistral AI Behind It

• Cisco Continues Elevating Partner AI Capabilities to Meet Customer Demand

• WhatsApp Bans 7.1 Million Indian Users, Warns of More Bans for Rule Violations

• #Infosec2024 Spyware: A Threat to Civil Society and a Threat to Business

• FBI Warns of Rise in Work-From-Home Scams

• Join Us 06-21-24 for “Hacking Generative AI Anxiety” – Super Cyber Friday

• 40,000 WordPress Sites affected by Vulnerability That Leads to Privilege Escalation in Login/Signup Popup WordPress Plugin

• Russian Hackers Blamed As Ransomware Impacts London Hospitals

• Reporting ransomware attacks: Steps to take

• Bringing the Cisco AppDynamics + Splunk Better Together story to Cisco Live

• CES: AI at the Forefront of Cybersecurity’s Future

• How Poor Cryptographic Practices Endanger Banking Software Security

• Zoho’s security stack improves businesses’ protections against breaches and attacks

• #Infosec24: 104 EU Laws Have Different Definitions of Cybersecurity

• Brute Force Attacks Against Watchguard VPN Endpoints, (Wed, Jun 5th)

• Akamai Celebrates Earth Day with a Cleanup of Rio Agres

• 2024: Old CVEs, New Targets ? Active Exploitation of ThinkPHP

• Cisco addressed Webex flaws used to compromise German government meetings

• What Are the Benefits of Choosing an AI Trading Bots?

• Tines’ AI features enhance workflow automation for security and IT teams

• Financial sextortion scams on the rise

• Why Millions of Pcs Aren’t Ready for Evolving Cyber Threats

• #Infosec24: Go Back to Basics With Risk Management to Tackle AI Risk

• Amazon’s First Trade Union Seeks Association With Largest US Union

• Researchers Show How Malware Could Steal Windows Recall Data

• Hypr Raises $30 Million for Passwordless Authentication

• Why Digital Threats are the New Frontier in Executive Protection

• Rise of Cybercrime in India: Reasons, Impacts & Safety Measures

• Securing India’s Infrastructure: Key Takeaways from the Colonial Pipeline Hack

• Globl Cybercrime Ring Dismantled in Landmark Operation by Thai and US Authorities

• Netskope introduces SaaS security enhancements to Netskope One for GenAI and SaaS collaboration

• Infosec24: Go Back to Basics With Risk Management to Tackle AI Risk

• Chinese Hackers Attacking Government Organization In Southeast Asia

• Say hello to the fifth generation of Malwarebytes

• Attention TikTok Users: Celebrities Accounts Targeted Including Paris Hilton

• The 4 Biggest Challenges for the Hybrid Enterprise and What CISOs Need to Solve Them

• What Individuals Get Wrong About Business Email Compromise

• Photos: Infosecurity Europe 2024

• Protecting PII Data With JWT

• Are Password Managers Safe to Use? (Benefits, Risks & Best Practices)

• 4 cuffed following probe into holiday scheme for cybercrooks

• Thales Passwordless 360° enables organizations to improve their identity management practices

• Intel 471 launches 471 Attack Surface Protection to enhance external threat visibility

• DarkGate switches up its tactics with new payload, email templates

• Understanding HyperCycle’s HyperShare Smart Contract Feature

• Beware Of Phishing Emails Prompting Execution Via Paste (CTRL+V)

• Resurgence of Ransomware: Mandiant Observes Sharp Rise in Criminal Extortion Tactics

• ‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products

• Unpacking 2024’s SaaS Threat Predictions

• Chinese State-Backed Cyber Espionage Targets Southeast Asian Government

• CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

• MSPs Look to Streamline Cybersecurity Partnerships, Skills Shortage Persists

• Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics

• OpenAI, DeepMind Workers Warn Of AI Risks In Open Letter

• 361 Million Unique Email Credentials Leaked On Telegram Channels

• Online Privacy and Overfishing

• 225,000 More Cybersecurity Workers Needed in US: CyberSeek

• Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide

• What’s up with the new kids?

• Hackers Leak 230,000 Users’ Data in “Tech in Asia” News Outlet Breach

• Big name TikTok accounts hijacked after opening DM

• The Age of the Drone Police Is Here

• TotalRecall shows how easily data collected by Windows Recall can be stolen

• TargetCompany’s Linux Variant Targets ESXi Environments

• TikTok Warns Cyberattack Targetted High Profile Accounts

• London Hospitals Cancel Operations and Appointments After Being Hit in Ransomware Attack

• Cisco Patches Webex Bugs Following Exposure of German Government Meetings

• Certificate Lifecycle Management The Key to Robust Digital Security in Healthcare

• Verimatrix XTD Accessibility Abuse Detector identifies Android mobile app threats

• #Infosec2024: Organizations Urged to Adopt Safeguards Before AI Adoption

• #Infosec2024: Data Security Needs to Catch Up With Growing Threats

• Cybersecurity News: London hospitals hit by ransomware, Christie’s stolen data sold, RansomHub claims Frontier breach

• Australia Drops Knife Attack Case Against X

• A Brief Look at AI in the Workplace: Risks, Uses and the Job Market

• Life in Cybersecurity: From the Classroom to the Next Generation of Cybersecurity Professional

• AI Autonomy and the Future of Cybersecurity

• An American Company Enabled a North Korean Scam That Raised Money for WMDs

• Ransomware Gang Leaks Data From Australian Mining Company

• Cyber Security Today, June 5, 2024 – New threat actor going after American IT firms, Canada’s Auditor General slams federal cybercrime-fighting agencies

• Threat Actors Weaponize Excel Files To Attack Windows Machines

• Microsoft Details AI Jailbreaks And How They Can Be Mitigated

• ESAs and ENISA sign a Memorandum of Understanding to strengthen cooperation and information exchange

• Appdome SDKProtect reduces third-party mobile supply chain risk

• How Hackers Using Packers To Hide Malware & Bypass Defenses

• Darkcrystal RAT Malware Attacking Government Officials Via Signal Messenger

• Zyxel addressed three RCEs in end-of-life NAS devices

• N2WS launches cross-cloud volume restore for AWS and Azure

• #Infosec2024: Tackling Cyber Challenges of AI-Generated Code

• Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models

• Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs

• TikTok faces cyber attack but only few celebrities and brands impacted

• Unveiling the Mechanics of Offline Data Theft: How Your Information Can Be Compromised Beyond the Digital Realm

• Microsoft paid Tenable a bug bounty for an Azure flaw it says doesn’t need a fix, just better documentation

• Command Senior Chief Convicted For Setting Up Wi-Fi On US Navy Combat Ship

• Breaking a Password Manager

• Developers Beware Of Malicious npm Package Delivers Sophisticated RAT

• No summer break for cybercrime: Why educational institutions need better cyber resilience

• How AI-powered attacks are accelerating the shift to zero trust strategies

• Find out which cyber threats you should be concerned about

• Cybersecurity jobs available right now: June 5, 2024

• ISC Stormcast For Wednesday, June 5th, 2024 https://isc.sans.edu/podcastdetail/9010, (Wed, Jun 5th)

• 8 Takeaways from Apple 2023 Threat Research

• Congratulations to the 2024 Americas CX Customer Hero Award Winners

• A ransomware attack on Synnovis impacted several London hospitals

• IT Security News Daily Summary 2024-06-04

• A SANS’s 2024 Threat-Hunting Survey Review

• Utility scams update

• SecOps Teams Shift Strategy as AI-Powered Threats, Deepfakes Evolve

• Cogility Launches TacitRed – Tactical Attack Surface Management

• Command senior chief busted for secretly setting up Wi-Fi on US Navy combat ship

• RelationalAI launches powerful Knowledge Graph Coprocessor for Snowflake users

• 5 ways to save your Windows 10 PC in 2025 – and most are free

• Former OpenAI Employees Lead Push to Protect Whistleblowers Flagging Artificial Intelligence Risks

• Russian Threat Groups Turn Eyes to the Paris Olympic Games

• TikTok acknowledges exploit targeting high-profile accounts

• Car Makers Shouldn’t Be Selling Our Driving History to Data Brokers and Insurance Companies

• Pentagon ‘doubling down’ on Microsoft despite ‘massive hack,’ senators complain

• NIST 2.0: Securing Workload Identities and Access

• Life in the Swimlane with Emily Spector, Senior SDR

• The Role of DevSecOps in Enhancing CNAPP Efficiency

• TikTok Hack Targets ‘High-Profile’ Users via DMs

• Best of the Best: Cisco Customer Advocate Awards: Americas 2024 Winners

• RansomHub gang claims the hack of the telecommunications giant Frontier Communications

• Security challenges in the financial sector⎪Max Imbiel (CISO, Bitpanda)

• The best secure browsers for privacy in 2024: Expert tested

• London NHS Crippled by Ransomware, Several Hospitals Targeted edit

• Industry Innovation: Solving Business Challenges in Retail

• Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

• Security Considerations When Building SaaS

• Was the Ticketmaster Leak Snowflake’s Fault?

• UAE Takes Measures to Strengthen Cybersecurity in the META Region

• London Hospitals Cancel Operations Following Ransomware Incident

• Ransomware attack on NHS and Google Data Breach 2024 details

• Paris Olympics 2024: Cyber Attackers are Targeting Companies Associated With Games, Report Finds

• Cisco Live 2024: Cisco Unveils AI Deployment Solution With NVIDIA

• #Infosec2024 Ransomware: The Key Updates You Need to Know

• New OpenSSL Patch Releases Available

• Ukraine Hit by Cobalt Strike Campaign Using Malicious Excel Files

• Developers Beware Of Malicious npm Package That Delivers Sophisticated RAT

• Secure Web Gateway vs Firewall: Learn the Difference

• Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan

• London hospitals declare critical incident after service partner ransomware attack

• CISOs and Senior Leadership at Odds Over Security

• 5G and SASE: Reimagining WAN Infrastructure

• Check Point Warns Of Zero-Day In Network Security Gateway Products

• Europol Puts An End To Major Botnets With ‘Operation Endgame’

• XSS Flaws In Multiple WordPress Plugins Exploited To Deploy Malware

• Cracked Microsoft Office Version Delivers Multiple Pronged Malware

• This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI

• AI Takes Center Stage in the Data Center

• Cisco Live 2024: Ensure Digital Resilience, Pervasive Security, and Simpler Operations

• Entering the New Era of Digital Experience Assurance Across Every Network

• Cisco Security at Cisco Live 2024: Innovating at Scale

• Cisco Live 2024: Enhancing Network Simplicity and Efficiency While Facilitating Superior Digital Experiences

• Fraudulent Browser Updates Are Propagating BitRAT and Lumma Stealer Malware

• RedTail Cryptominer Exploits Critical Zero-Day in PAN-OS

• Why Mid-Sized Businesses Are Attractive Targets for Cyber Criminals

• Veeam Data Cloud Vault enables users to securely store backup data

• LOKKER Consent Verification identifies potential compliance issues

• Account Takeovers Outpace Ransomware as Top Security Concern

• Help Desk Personnel are the Side Door for Cybercriminals

• Decoding Router Vulnerabilities Exploited by Mirai: Insights from Honeypot Data

• The Year in GenAI: Security Catches Up with Innovation

• Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts

• Cisco Enhances Zero Trust Access with Google

• The Cybersecurity Conundrum: Navigating the Challenges with Fewer Resources and Rising Threats

• Christie’s stolen data sold to highest bidder rather than leaked, RansomHub claims

• PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)

• Embracing the benefits of LLM securely

• How to ensure the security of your SaaS platform

• Extend & Strengthen DDoS Security Across the Entire Network with Infinity Playblocks

• Details of Atlassian Confluence RCE Vulnerability Disclosed

• AI’s Impact on the Job Market: 12 Million Occupational Transitions by 2030

• ManageEngine unveils passwordless, phishing-resistant FIDO2 authentication

• #Infosec2024: How to Develop Your Future Team

• New Ways for CNAPP to Shift Left and Shield Right: The Technology Trends That Will Allow CNAPP to Address More Extensive Threat Models

• Microsoft accused of tracking kids with education software

• Uniview NVR301-04S2-P4

• CISA Releases Four Industrial Control Systems Advisories

• Cybercrooks Get Cozy With BoxedApp To Dodge Detection

• NIST Turns To IT Consultants To Clear National Vulnerability Database

• Google Accidentally Published Internal Search Docs To GitHub

• Vulnerabilities Exposed Millions Of Cox Modems To Remote Hacking

• Tightening Water Cybersecurity is Now Imperative as Biden Administration Issues Urgent Warning to State Leaders

• Microsoft is again named the overall leader in the Forrester Wave for XDR

• SailPoint Risk Connectors helps organizations identify and act on risks

• New Multi-Stage Malware Targets Windows Users in Ukraine

• No-Defender, Yes-Defender, (Tue, Jun 4th)

• Mastering the Art of Least Privilege Access Implementation: A Comprehensive Guide

• The Importance of Crypto Agility in Preventing Certificate-Related Outages

• Consolidation is Coming to Corporate Security Technology

• eBook: Breaking bad actors

• #Infosec24: Enterprise Browser Touted as Solution to GenAI Privacy Risks

• Relying on the Unreliable

• Ransomware Group Claims Cyberattack on Frontier Communications

• CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability

• Progress Patches Critical Vulnerability in Telerik Report Server

• Wipro Cyber X-Ray empowers CXOs to make optimized security investment decisions

• Combining Sekoia Intelligence and OpenCTI

• Transforming SOC Operations: How TacitRed Curated Threat Intelligence Boosts Analyst Efficiency and Delivers Tactical Attack Surface Intelligence

• ShinyHunters Resurrect BreachForums Shortly After FBI Takedown

• CISA Adds A Linux Vulnerability To Its Known Exploits Catalog

• Replicate AI Vulnerability Could Expose Sensitive Data

• Dessky Snippets WordPress Plugin Exploited For Card Skimming Attacks

• ChatGPT plugin flaws introduce enterprise security risks

• February 2024 Cyber Attacks Statistics

• 361 million account credentials leaked on Telegram: Are yours among them?

• Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine

• The Next Generation of RBI (Remote Browser Isolation)

• Debt collection agency FBCS leaks information of 3 million US citizens

• Cybercrooks get cozy with BoxedApp to dodge detection

• Ransomware Group Creation Touched Yearly All Time High

• Russian Hackers In Attempt To Distrupt The 2024 Paris Olympic Games

• Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers

• Unlocking HIPAA Compliance: Navigating Access Control and MFA Guidelines

• #Infosec24: Deepfake Expert Warns of “AI Tax Havens”

• The Value of Data

• 6 Best VPNs for the UK in 2024

• AI Is Your Coworker Now. Can You Trust It?

• Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers

• From Text to Action: Chatbots in Their Stone Age

• Tech Titans Adopt Post-Quantum Encryption to Safeguard User Data

• How to Start a Career in Cybersecurity

• Vulnerabilities Exposed Millions of Cox Modems to Remote Hacking

• Cybersecurity M&A Roundup: 28 Deals Announced in May 2024

• I’m Rewarding Your Successful Use of the Security Budget by Giving You Less of It

• Prosecutors Say Lynch Behind Autonomy Fraud

• Inside the Biggest FBI Sting Operation in History

• What is DKIM Vulnerability? DKIM l= tag Limitation Explained

• Cybersecurity News: Russian criminals unmasked, Background check firm breach, Creds added to HIBP

• Microsoft ‘Cuts Hundreds Of Cloud Jobs’

• Spotify Raises US Prices In Profit Drive

• Zyxel NAS Devices Vulnerability Let Attackers Execute Code Remotely

• 37 Vulnerabilities Patched in Android

• Soliciting Input Regarding a Potential Hardening Effort

• Russians Love YouTube. That’s a Problem for the Kremlin

• Nvidia, AMD Hawk AI Chips As Computex Opens

• Computex: Qualcomm Promotes Windows AI Chips With ‘I’m A Mac’ Actor

• Plainsea cybersecurity platform to launch at Infosecurity Europe

• Data Defense: Leveraging SaaS Security Tools

• Trend Micro Inline NDR enhances threat detection and response

• #Infosec2024: UK Businesses Faced with Month-Long Recoveries from Supply Chain Attacks

• Google To Scale Back AI Searches In Latest Controversy

• Multiple flaws in Cox modems could have impacted millions of devices

• Podcast Episode: AI on the Artist’s Palette

• It?s Getting Hot in Here: EMEA SOTI

• Underground Ransomware Continues to Attack Industries Of Various Sizes

• DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks

• #Infosec2024: Conflicts Drive DDoS Attack Surge in EMEA

• Android and iPhone users are vulnerable to Zero Click hacks

• 20 free cybersecurity tools you might have missed

• Third-party vendors pose serious cybersecurity threat to national security

• Oracle WebLogic Server OS Command Injection Flaw Under Active Attack

• Security challenges mount as as companies handle thousands of APIs

• 50 CISOs & Cybersecurity Leaders Shaping the Future

• Hudson Rock yanks report fingering Snowflake employee creds snafu for mega-leak

• ISC Stormcast For Tuesday, June 4th, 2024 https://isc.sans.edu/podcastdetail/9008, (Tue, Jun 4th)

• The NIST Finally Hires a Contractor to Manage CVEs

Generated on 2024-06-05 23:55:09.890288