IT Security News Daily Summary 2024-07-23

• Yann LeCun says Meta AI ‘quickly becoming most used’ assistant, challenging OpenAI’s dominance

• How Pearson’s AI assistant can help teachers save time

• Intro: How to use BlackArch Linux for pen testing

• Get a Microsoft Visual Studio Pro license for 90% off

• The best 50-inch TVs of 2024: Expert recommended

• Buy a one-year subscription to Microsoft 365 for $45 right now

• The best sleep trackers of 2024: Expert tested and reviewed

• Cisco and social justice: A commitment with deep roots and a bold future

• How did a CrowdStrike config file crash millions of Windows computers? We take a closer look

• The Ninja Creami Ice Cream Maker is still $32 off after Prime Day

• Microsoft Copilot vs. Copilot Pro: Is the subscription fee worth it?

• The best robot mops for 2024: Expert tested and reviewed

• Buy Microsoft Office 2021 for Windows for $60

• The best rugged phones of 2024: Expert tested and reviewed

• You can still buy an iPhone 15 for one cent after Prime Day – here’s how the deal works

• Phish-Friendly Domain Registry “.top” Put on Notice

• Empower Your Developers with Software Supply Chain Security

• Deep Sea Phishing Pt. 1

• What You Need to Know About SEC Compliance Requirements

• MFA Failures and Surging Ransomware Losses: What’s Going On?

• The best robot mowers of 2024: Expert tested and reviewed

• Motorola’s $399 Razr is the cheapest foldable phone deal right now (and it’s surprisingly good)

• Samsung Galaxy Z Fold 6 vs. OnePlus Open: I’ve tested both and the winner is not so obvious

• The best robot vacuums for pet hair of 2024: Expert tested and reviewed

• Become a Sam’s Club member for $25 – that’s 50% off

• I replaced my Samsung Galaxy S24 Ultra with the Z Fold 6 for a week – and can’t go back

• The best Roborock vacuums of 2024: Expert tested and reviewed

• Mass layoffs and data breaches could be connected

• Canadian Startup Protexxa Attracts $10 Million Series A Financing

• OpenAI shares safety updates after whistleblower complaints, lawmaker demands

• Change this Android setting to instantly give your phone twice the speed

• The best robot vacuum mops of 2024: Expert tested and reviewed

• QR Codes: Convenience or Cyberthreat?

• Play Ransomware Variant Targeting Linux ESXi Environments

• Copilot Pro vs. ChatGPT Plus: Which AI chatbot is worth your $20 a month?

• The best iPhone power banks of 2024: Expert tested and reviewed

• Linux Mint 22 is official! Here’s what’s new and how to try it for yourself

• This stereo amp made me feel like I was hearing my favorite songs for the first time

• Meta inches toward open source AI with new LLaMA 3.1

• Hackers abused swap files in e-skimming attacks on Magento sites

• Protecting AI systems from cyber threats

• Administrators have update lessons to learn from the CrowdStrike outage

• IRS Warns Car Dealers of New Phishing and Smishing Threats

• Whose Voice Is It Anyway? AI-Powered Voice Spoofing for Next-Gen Vishing Attacks

• Why NDR is Key to Cyber ‘Pest Control’

• Amazon revamps Prime Video to help you navigate your content and subscriptions

• Leaked Google TV Streamer photos show a device nothing like the Chromecast

• The best NAS devices of 2024: Expert tested

• The best power banks of 2024: Expert tested

• Cyber Security Public-Private Partnerships Are Taking Off in APAC

• Introducing Identity Continuity™: Uninterrupted access and security in an always-on world

• Strata Identity Announces General Availability of Identity Continuity for Zero Application Downtime During IDP Outages

• AppViewX AVX ONE CLM – Managing Java TrustStore with Google Cloud Platform

• H1 SCA Roundup – Defending Users Against Constantly Evolving Cyber Threats

• EFF Angry as Google Keeps 3rd-Party Cookies in Chrome

• New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273), (Tue, Jul 23rd)

• Statement from CISA Director Easterly on Leadership Changes at CISA

• Play Ransomware targets VMware ESXi Servers

• Strengthening Cybersecurity in Healthcare

• Italy Investigates Google for Unfair Practices in Obtaining User Consent for Ad Profiling

• Google admits it can’t quite quit third-party cookies

• CISA Releases Four Industrial Control Systems Advisories

• National Instruments IO Trace

• National Instruments LabVIEW

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• Hitachi Energy AFS/AFR Series Products

• Imperva Customers Protected Against Critical ServiceNow Vulnerability

• Heimdal Integrates with Autotask PSA to Elevate MSP Operations and Drive Market Expansion

• How Cyber Risks Have Become Business Risks

• Cybercrooks spell trouble with typosquatting domains amid CrowdStrike crisis

• Google Will Keep Third-Party Cookies in Chrome

• Pro-Houthi Group Deploys Android Spyware to Target Yemeni Humanitarian Orgs

• How an IT Team Used Windows 3.1 to Mitigate a Massive CrowdStrike Outage

• Sensitive Health Data of 12.9 Million Individuals Stolen in Cyberattack

• iRobot just launched the most feature-packed Roomba ever – and it costs less than you think

• Microsoft scraps Copilot Pro GPT Builder and removes all user data

• Alphabet’s reported $23B bet on Wiz fizzles out

• LOKKER introduces web privacy risk summary for insurers

• Russia Shifts Cyber Focus to Battlefield Intelligence in Ukraine

• Chinese Espionage Group Upgrades Malware Arsenal to Target All Major OS

• How To Manage Alert Overload and Build the Skills of Your Security Team

• Study: TikTok Lite is a ‘safety hazard’ for millions of users around the world

• Standalone Service Mesh Solution or Lightweight Option: Which is Right for You?

• Mexico’s Largest ERP Provider ClickBalance Exposes 769 Million Records

• The best AI image generators of 2024: Tested and reviewed

• Ketch No-Code Rights Automation empowers non-technical teams to manage DSR requests

• Strata Identity Continuity prevents mission-critical applications from going offline

• Why MSSPs Should Transition from Fear-Based Sales Strategies to a Value-Centric Approach

• Switzerland now requires all government software to be open source

• SCW Trust Agent measures developers’ security competencies for code commits

• Chinese Hackers Target Taiwan and US NGO with MgBot Malware

• Hackers Abusing Google Cloud For Phishing

• Beware Of Dating Apps Exposing Your Personal And Location Details To Cyber Criminals

• Google backpedals on plan to eliminate third-party cookies in Chrome

• User Protection Suite Secures Against Talos Top Ransomware Attack Trends

• Striking a Chord Between My Passions and Career at Cisco

• Wiz Walks Away From $23 Billion Google Bid

• Supply Chain Cyberattacks are on the Rise – Here’s How U.S. Businesses can Fortify Their Defenses

• Shadow IT: The Unavoidable Reality and How To Embrace It Safely

• Security Challenges in AI-Powered Applications

• 5 Reasons IGA Programs Fail

• CrowdStrike Speeding Up Remediation of Systems Hit by Blue Screen of Death

• Navigating the Cyber Landscape: Understanding Threat Intelligence

• Popular Ukrainian Telegram Channels Hacked to Spread Russian Propaganda

• New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure

• Price Drop: Get on CompTIA Certification Track With These $25 Study Guides

• Bitwarden vs Dashlane (2024): Which Password Manager Is Best?

• WPA2 vs. WPA3

• 2017 ODNI Memo on Kaspersky Labs

• CISOs and CIOs confront growing data protection challenges in the era of AI and cloud

• The changes in the cyber threat landscape in the last 12 months

• Privilege escalation: unravelling a novel cyber-attack technique

• Enhancing the cybersecurity talent pool is key to securing our digital future

• FrostyGoop Malware Used to Shut down Heat in Ukraine Attack

• Two Russian Nationals Charged for Cyber Attacks against U.S. Critical Infrastructure

• Law Enforcement Disrupts DDoS-for-Hire Service DigitalStress

• Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware

• Meta Given Deadline to Address E.U. Concerns Over ‘Pay or Consent’ Model

• Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files

• How to Securely Onboard New Employees Without Sharing Temporary Passwords

• Everyone Has a Zero-Trust Plan Until They Get Punched in the Face

• Vulnerabilities in LangChain Gen AI

• Hiring Kit: Security Architect

• How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter

• 1-15 April 2024 Cyber Attacks Timeline

• Ransomware Takedowns Leave Criminals Scrambling for Stability

• Cybersecurity News: CrowdStrike update, Russian criminals sanctioned, ransomware shuts down courts

• Nvidia Said To Develop ‘Blackwell’ AI Chip For China

• Xiaomi Entered EV Market ‘Due To US Sanctions’

• Double-Digit Growth For Google Expected Amidst AI Push

• US Cracks Down On Tech Shipments To Russia

• Wisk Plans Autonomous Air Taxi Flights By Decade’s End

• Securing Diverse Environments: Security Configuration Management

• The Importance of Ethics in Cybersecurity

• Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android

• UK: NCA Infiltrates DDoS-for-Hire Site as Suspected Controller Arrested in Northern Ireland

• Vulnerability in Telegram app for Android allows sending malicious files disguised as videos

• How to Enhance Your System’s Security with Master Data Governance

• Dragos: New ICS malware FrostyGoop abuses Modbus

• Hackers shut down heating in Ukrainian city with malware, researchers say

• US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

• Securing AI around the world

• Global Outage: What Went Wrong with Microsoft?

• Rezonate Streamlines Identity Security Across IT Environments

• Gcore raises $60 million to drive AI innovation

• Prolific DDoS Marketplace Shut Down by UK Law Enforcement

• Threat Actors Taking Advantage of CrowdStrike BSOD Bug to Deliver Malware

• Wiz to Pursue IPO as It Walks Away From $23 Billion Google Deal

• Solving the 7777 Botnet enigma: A cybersecurity quest

• NCA Shut’s Down the Most Popular “digitalstress” DDoS-for-hire Service

• From Smartphones to State Security: The Reach of China’s New Surveillance Laws

• 4 Ways BYOI and Social Login Enhance User Experience

• Play Ransomware’s Linux Variant Attacking VMware ESXi Servers

• Major Cyber Threats lurking at Paris Olympic Games 2024

• In Response to the Microsoft-CrowdStrike Incident: July 2024

• 5 Ways Generative AI is Revolutionizing Cybersecurity Defense

• The CISO’s approach to AI: Balancing transformation with trust

• Google Abandons Plan to Phase Out Third-Party Cookies in Chrome

• 10 fintech companies to watch in 2024

• Wiz walks away from Google’s $23B acquisition offer: Read the CEO’s note to employees

• Despite economic uncertainty, organizations are prioritizing SaaS security investments

• Confidential AI: Enabling secure processing of sensitive data

• Firmware, Supply Chain, and Frameworks – NIST SP 800-53

• ISC Stormcast For Tuesday, July 23rd, 2024 https://isc.sans.edu/podcastdetail/9064, (Tue, Jul 23rd)

• Google’s plan to drop third-party cookies in Chrome crumbles

• EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos

• Fight for global AI lead may boil down to governance

• This Firefox extension is a must-have tool for YouTube super users

• I changed these 5 TV settings to lower my electric bill. Here’s why they work

• How ‘bubbling’ Android messages can simplify your text life

• IT Security News Daily Summary 2024-07-22

• Microsoft Releases Tool to Fix CrowdStrike-Caused Windows Chaos

• Apple accelerates AI efforts: Here’s what its new models can do

• New Microsoft Recovery Tool for CrowdStrike Issue on Windows Endpoints

• Buy Microsoft Office for Windows or Mac for $25 right now

• NCSWIC Planning Training, and Exercise Committee releases the Human Factors Resource Guide

• Can’t hear TV dialogue? 3 fixes to dramatically improve your television’s audio – and 2 are free

• The best rechargeable batteries of 2024

• Global cops power down world’s ‘most prolific’ DDoS dealership

• The best satellite phones of 2024: Expert tested and reviewed

• Get a Babbel subscription for 76% off right now

• What is exposure management?

• Vulnerability Recap 7/22/24 – CrowdStrike Issue Is One of Many

• Supreme Court Dodges Key Question in Murthy v. Missouri and Dismisses Case for Failing to Connect The Government’s Communication to Specific Platform Moderation

• The First 10 Days of a vCISOs Journey with a New Client

• Multiple Vulnerabilities Found In XenForo Internet Forum Solution

• Save 33% with a free Xbox Game Pass: Don’t miss this Fire TV Stick bundle post-Prime Day sale

• One of the best productivity laptops I’ve tested is not made by Lenovo or Apple

• The best M.2 SSDs of 2024: Expert tested and reviewed

• CrowdStrike’s Faulty Update Triggers Global Microsoft Outage

• Daniel Stori’s ‘Blue Screen of Death’

• ShapeUp at Flare: A Game-Changer for Project Management

• USENIX Security ’23 – High Recovery With Fewer Injections: Practical Binary Volumetric Injection Attacks Against Dynamic Searchable Encryption

• Complex Technology Stack Supports Sprawling Chinese Crime Operation

• SPF, DKIM, DMARC Setup Guide for Google Workspace

• Want to try GPT-4o mini? 3 ways to access the smarter, cheaper AI model – and 2 are free

• Sign up for a Costco membership and get a $40 gift card for free. Here’s how

• The best microSD cards of 2024: Expert tested

• Upgrade to Windows 11 Pro for $40 right now

• Samsung Messages is getting bumped for Google’s app. Here’s how to prepare

• The best laptops of 2024 under $1,000: Expert tested and reviewed

• Linx Security Raises $33M to Tackle Digital Identity Threats

• CodeSecDays 2024: A Deep Dive in Software Supply Chain Security

• Telegram Android Vulnerability “EvilVideo” Sends Malware as Videos

• The best laptop cooling pads of 2024: Expert tested

• How to stop spam texts on your iPhone in 3 easy steps

• How to watch the 2024 Summer Olympics without cable

• How to use the AWS Secrets Manager Agent

• Snag this 85-inch TCL TV for just $1,000 after Prime Day

• The Samsung TV most people should buy isn’t even the latest, and it’s $1,300 off after Prime Day

• Every iPhone model that can be updated to Apple’s iOS 18 (and which ones can’t)

• Cisco Decipher: Enhancing US Public Sector Cybersecurity Knowledge

• LA County Superior Court closes doors to reboot justice after ransomware attack

• 10,000 WordPress Sites Affected by High Severity Vulnerabilities in BookingPress WordPress Plugin

• NHS Delays Continue After Windows Outage

• Chinese Vigorish Viper Exploits DNS and Football Sponsorships for Illegal Gambling

• Empowering Developers in Code Security

• One of the best QLED TVs I’ve tested is still $400 off even after Prime Day

• Why don’t more people use desktop Linux? I have a theory you might not like

• CrowdStrike’s fallout, Harris’s stance on tech and Yandex’s rise from the ashes

• Cybercrooks crafting solo careers in wake of ransomware takedowns

• Quantum Navigation as the Successor to GPS

• Massive Cyber Attack Hits MediSecure, Impacting Millions of Australians

• WazirX Responds to Major Cyberattack with Trading Halt and Bounty Program

• Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Industry

• I tested MSI’s $4,000 laptop for work, and it’s the MacBook Pro’s biggest competition

• Why Privacy Badger Opts You Out of Google’s “Privacy Sandbox”

• Play Ransomware Expands to Target VMWare ESXi Environments

• Indian PM Narender Modi asks to Log Off of each Microsoft Windows Sessions

• CrowdStrike Says ‘Significant Number’ Of Systems Back Online

• I improved my iPhone’s battery life by changing these 10 settings

• TechCrunch Minute: What caused last week’s major tech outage?

• Safety Equipment Giant Cadre Holdings Hit by Cyberattack

• What I learned from the ‘Microsoft global IT outage’

• Forget Windows 11: Nobara Linux is the OS for everyone

• Google plans mass crackdown on Android apps that don’t meet these new standards

• Explaining the largest IT outage in history and what’s next

• Scammers Rush In to Exploit CrowdStrike Chaos

• Ransomware Groups Fragment Amid Rising Cybercrime Threats

• Heritage Foundation data breach containing personal data is available online

• CrowdStrike caused Windows outage chaos for airports, banks, and more. Here’s what happened

• Electrifying Jackery deals extended by 48 hours! Power station prices slashed by up to 50%!

• Get a Lifetime Subscription of FastestVPN for just $40

• Where to place a firewall in an enterprise network

• US Sanctions Russian Hacktivists for Targeting Critical Infrastructure

• Beyond Your Mess for Less: How Managed Services can Provide Sustainable Solutions for Organizational Cybersecurity

• How to Prepare Your Workforce for the Deepfake Era

• Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking

• Microsoft releases a CrowdStrike recovery tool – here’s how it works

• Oracle coughs up $115M to make privacy case go away

• CISA Alert Calls Out Operating System Vulnerabilities

• Ransomware Attack Shuts Down LA County Courts, Halts Inmate Transfers, Evictions

• SonicOS IPSec VPN Vulnerability Let Attackers Cause Dos Condition

• Microsoft releases CrowdStrike recovery tool – here’s how it works

• Vulnerability Summary for the Week of July 15, 2024

• CrowdStrike: The Monday After, (Mon, Jul 22nd)

• Hackers Registered 500k+ Domains Using Algorithms For Extensive Cyber Attack

• Who needs ransomware when a faulty software update can shut down critical infrastructure?

• Linx emerges from stealth with $33M to lock down the new security perimeter: Identity

• EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft

• Heeler Security raises $8.5 million to boost application security

• PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing

• India’s Largest Cryptocurrency Exchange WazirX Hacked: $234.9 Million Stolen

• Pioneering the New Frontier in AI Consumer Protection and Cyber Defense

• Two Russians sanctioned over cyberattacks on US critical infrastructure

• Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

• CrowdStrike: Key Perspectives on the IT Outage

• Hackers Claim Breach of Daikin: 40 GB of Confidential Data Exposed

• What caused the great CrowdStrike-Windows meltdown of 2024? History has the answer

• SocGholish malware used to spread AsyncRAT malware

• Application Security Startup Heeler Raises $8.5 Million in Seed Funding

• MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting

• How to Set up an Automated SMS Analysis Service with AI in Tines

• Emojis Are To Express Emotions, But CyberCriminals For Attacks

• The Pentagon Wants to Spend $141 Billion on a Doomsday Machine

• Snake Mimics a Spider

• The time is NOW to Support Passkeys for Your Customer Authentication!

• Beware Of Fake Browser Updates That Installs Malicious BOINC Infrastructre

• Surfshark vs CyberGhost (2024): Which VPN Is Better?

• Fake Grand Theft Auto VI Beta Download Spreads Malware

• CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

• Industry Moves for the week of July 22, 2024 – SecurityWeek

• California Officials Say Largest Trial Court in US Victim of Ransomware Attack

• VW Chief Discusses Free Trade With China Officials

• Data Breach Increases by Over 1,000% Annually

• Russian Nationals Plead Guilty to Participating in the LockBit Ransomware Group

• Securing the Grid: How Ransomware is Targeting Energy and Oil Sectors

• Join CISO Series Podcast LIVE in Seattle (08-21-24)

• From RA Group to RA World: Evolution of a Ransomware Group

• Tesla Production Lines ‘Shut Down’ By Global IT Outage

• Nigeria Fines Meta $220m Over Privacy Infringements

• Editorial: CrowdStrike Outage: Is Our IT Too Fragile?

• Cybercriminals Exploit CrowdStrike Outage Chaos

• Cybersecurity News: CrowdStrike hits Cloud PCs, criminals exploit CrowdStrike fix, CISA rebuked

• UK Arrests Suspected Scattered Spider Hacker Linked to MGM Attack

• 5 Phased Approach to Vulnerability Management: Best Practices

• MitM Attacks: Understanding the Risks and Prevention Strategies

• Attackers Abuse Swap File to Steal Credit Cards

• The Human Adaptability Gap and How to Close It

• Pro-Russia Hacktivists Target Olympic Games

• Oracle To Pay $115m In Privacy Lawsuit Settlement

• US Sanctions Russian Hackers Over Infrastructure Attacks

• US Sanctions Two Members of Russian ‘Cyber Army’ Hacktivist Group

• Analyzing Container Escape Techniques in Cloud Environments

• Two Russians Convicted for Role in LockBit Attacks

• Can I create and amend a PDF file on an iPhone for free?

• UK Police Arrested 17-year-old Boy Responsible for MGM Resorts Hack

• UK police arrested a 17-year-old linked to the Scattered Spider gang

• Fake CrowdStrike Fixes Target Companies With Malware, Data Wipers

• Experts Expect Ransomware Surge After Police Disruption

• A week in security (July 15 – July 21)

• SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

• Our Shared Responsibility: Africa’s Cybersecurity Imperative

• CISA Says Malicious Hackers are ‘Taking Advantage’ of CrowdStrike Outage

• China Claims Volt Typhoon was a False Flag Inside Job Conspiracy

• Worst Cyber Event in History: CrowdStrike Update Causes Global Chaos. Cyber Security Today Special Edition for Monday, July 22, 2024

• Microsoft 2024 Windows IT meltdown impacts about 8.5 million devices

• How to Negotiate Ransomware Attacks: A Strategic Guide

• Media Briefing: EFF, Partners Warn UN Member States Are Poised to Approve Dangerous International Surveillance Treaty

• New Linux Variant of Play Ransomware Targeting VMware ESXi Systems

• Media Briefing: EFF, Partners Warn UN Member States are Poised to Approve Dangerous International Surveillance Treaty

• Cross-industry standards for data provenance in AI

• New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems

• CIA AI director Lakshmi Raman claims the agency is taking a ‘thoughtful approach’ to AI

• Cellebrite got into Trump shooter’s Samsung device in just 40 minutes

• Cyber insurance 2.0: The systemic changes required for future security

• Shuffle Automation: Open-source security automation platform

• Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

• ISC Stormcast For Monday, July 22nd, 2024 https://isc.sans.edu/podcastdetail/9062, (Mon, Jul 22nd)

• CrowdStrike’s Falcon Sensor also linked to Linux kernel panics and crashes

Generated on 2024-07-23 23:55:12.217900