IT Security News Daily Summary 2024-07-27

• Ukraine’s cyber operation shut down the ATM services of major Russian banks

• Create Your Own BSOD: NotMyFault, (Sat, Jul 27th)

• North Korean Hacker Indicted for Cyber Attacks on U.S. Hospitals, NASA, and Military Bases

• Telegram Users Cross 900 Million, Company Plans to Launch App Store

• The best cheap gaming PCs of 2024: Expert recommended

• USENIX Security ’23 – Hiding in Plain Sight: An Empirical Study of Web Application Abuse in Malware

• Teen Hacker Linked to Hacking of Government Agencies, School Websites

• Hacker Alleges Theft of Piramal Group’s Employee Data; Company Denies Breach as “Erroneous and Misleading”

• Pharmacy Network Sues Change Healthcare Post-Cyberattack

• Get this top-rated 12-in-1 electric screwdriver for $60!

• This 3-in-1 MagSafe charger is my new favorite travel accessory, it supports Qi2

• This power station has an irreplaceable emergency feature

• This portable power station has a standout feature that makes camping safer

• The Jackery Explorer 1000 is one of the best portable power stations

• Stop X’s Grok AI From Training on Your Tweets

• I can’t recommend this rugged power station enough to drone users, and it’s now $300 off

• One of the most durable power stations I’ve tested is not made by Anker or Jackery

• Get 50% off a Sam’s Club membership – here’s how

• Unlocking the Power of Behavioral Cloud Native Threat Detection and Response

• 3,000 Fake GitHub Accounts Used to Spread Malware in Stargazers Ghost Scheme

• These $50 earbuds blew me away with stunning sound and plenty of comfort

• The best GaN chargers of 2024: Expert tested

• 5 Linux commands for better group management (and how to use them)

• Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe

• Buy a one-year subscription to Microsoft 365 for $45

• This Dell Inspiron is one of the most versatile, well-rounded laptops I’ve tested

• Navigating the Impact of Major IT Outages: Lessons from the CrowdStrike Incident

• This cheap fix made my Google Pixel Buds Pro sound better than ever

• French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

• Unveiling the Latest Banking Trojan Threats in Latin America

• Cybersecurity Today Week in Review: CrowdStrike and more.

• Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

• Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

• FAQ: How Are STIGs, SRGs, SCAP, and CCIs Related?

• A bug in Chrome Password Manager caused user credentials to disappear

• Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

• IT Security News Daily Summary 2024-07-26

• Friday Squid Blogging: Sunscreen from Squid Pigments

• The best Alexa devices of 2024: Expert tested and recommended

• These transparent earbuds by Nothing made my AirPods look and sound boring

• This Asus Copilot+ PC has one of the best displays I’ve seen on a laptop (and it exudes premium)

• How to calibrate your TV for the best picture quality – 2 easy and simple methods

• Apple reports iCloud Private Relay global outages for some users

• Negotiate Your Next Cyber Insurance Policy With This 6-Step Playbook

• 5 Innovative Cybersecurity Measures App Developers Should Incorporate in the Digital Transformation Race

• CrowdStrike meets Murphy’s Law: Anything that can go wrong will

• AI and Vulnerability Management: Industry Leaders Show Positive Signs

• EvilVideo Exploit: Telegram Zero-Day Vulnerability Allows Disguised APK Attacks

• Google Backtracks on Cookie Phaseout: What It Means for Users and Advertisers

• Researcher says deleted GitHub data can be accessed ‘forever’

• Chainguard Raises $140M to Drive AI Support, Global Growth

• Researchers Warn of Increased Cyberterrorism Activity Targeting Paris Olympics

• Scams to steer clear of as a college student, from a college student

• Effortless certificate management with automated CNAME validation

• National Defense University Cyber Professor Tapped as ONCD Deputy Director

• PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’

• Ledger Flex: Secure self-custody with E Ink touchscreen display

• Your industrial network is not a commodity: it is strategic to your success

• Compromising the Secure Boot Process

• The Most Urgent Security Risks for GenAI Users are all Data-Related

• How to build a CA hierarchy across multiple AWS accounts and Regions for global organization

• Crowdstrike Threat Intelligence data leaked by hackers

• What is a computer exploit?

• 8 Benefits of Endpoint Detection & Response (EDR) You Should Know [2024]

• Software Maker MCG Health Settles Data Breach Suit for $8.8M

• How To Secure Your Angular Apps: End-To-End Encryption of API Calls

• Learn a new language with a Babbel subscription for 76% off

• The best TVs for PS5 of 2024: Expert tested

• One of the best budget Android tablets I’ve tested is not made by Samsung or Google

• Fortinet Training Institute Expands Cyber Education Opportunities for Veterans

• How Cyber Insurance Coverage is Evolving

• Meta takes down 63,000 sextortion-related accounts on Instagram

• Are We Ready For The Next Major Global IT Outage? Here’s All You Need to Know

• ERP Firm Data Breach Exposes Over 750 Million Records

• California’s Major Trial Court Falls Victim to Ransomware Attack

• Planting Trees in India: Green Team #GenerationRestoration

• Google Chrome Modifies Privacy Sandbox To Allow Cookies

• OpenAI Tests Search Engine Prototype Called ‘SearchGPT’

• My favorite accessory for DIY projects has a useful LED screen – and it’s game-changing

• Elon Musk’s X now trains Grok on your data by default – here’s how to opt out

• Belarus-linked Hackers Target Ukrainian Organizations with PicassoLoader Malware

• Digital Apartheid in Gaza: Unjust Content Moderation at the Request of Israel’s Cyber Unit

• IAM for MSPs Provider Evo Security Raises $6 Million

• CrowdStrike CEO: 97 Percent Of Windows Sensors Back Online

• The best bone conduction headphones of 2024: Expert tested and reviewed

• I replaced my Nest with this Arlo 2K video doorbell, and it’s perfect for smart home beginners

• Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain

• What to expect from Made by Google 2024: Pixel 9 Pro Fold, Watch, Android 15, AI, and more

• We’ve entered the era of the smart ring. Here’s why it will shake up the wearables market

• BitLocker workaround may offer aid for CrowdStrike customers

• ServiceNow RCE Flaws Actively Exploited by Threat Actors to Steal Credentials

• How CISOs Enable ITDR Approach Through the Principle of Least Privilege

• Malicious Inauthentic CrowdStrike Falcon Crash Reporter Installer Distributed to German Entity

• Progress discloses second critical flaw in Telerik Report Server in as many months

• This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

• Hacktivists Claim Leak of CrowdStrike Threat Intelligence

• SeleniumGreed Cryptomining Campaign Exploiting Publicly Exposed Grid Services

• Buy a Costco membership and get a $40 gift card, free. Here’s how

• US Indicts Alleged North Korean State Hacker for Ransomware Attacks on Hospitals

• Suspect Indicted in North Korea Group’s Expansive Spying Operation

• Sheltering from the Cyberattack Storm

• A North Korean Hacker Tricked a US Security Vendor Into Hiring Him—and Immediately Tried to Hack Them

• Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks

• ExelaStealer Delivered “From Russia With Love”, (Fri, Jul 26th)

• I’ve tried a zillion desktop distros – it doesn’t get any better than Linux Mint 22

• The best humidifiers of 2024: Expert tested and reviewed

• The best iPads for college students in 2024: Expert tested and reviewed

• BIND updates fix four high-severity DoS bugs in the DNS software suite

• Thread Name-Calling: Using Thread Name for Offense

• Senator: Top Banks Only Reimburse 38% of Unauthorized Claims

• Elon Musk To Discuss $5 Billion xAI Investment With Tesla Board

• Europe Is Pumping Billions Into New Military Tech

• ZeroTier raises $13.5M to help avert CrowdStrike-like network problems

• Critical ServiceNow RCE Flaws Actively Exploited to Steal Credentials

• CrowdStrike Disruption Direct Losses to Reach $5.4B for Fortune 500, Study Finds

• Offensive AI: The Sine Qua Non of Cybersecurity

• US Charges North Korean Hacker for Ransomware Attacks on Hospitals

• OpenAI Launches SearchGPT Prototype

• Buy a Windows 11 Pro license for $25 right now

• DTX + UCX London is back: Global brands, cutting-edge technology and world-renowned speakers take centre stage

• In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison

• Despite Bans, AI Code Tools Widespread in Organizations

• Scam Attacks Taking Advantage of the Popularity of the Generative AI Wave

• North Korean Hackers Targeted KnowBe4 with Fake IT Worker

• North Korean Hackers Target Critical Infrastructure for Military Gain

• Progress Software Fixed Critical Flaw in Telerik Report Server

• Google Chrome Now Asks for Passwords To Scan Protected Archives

• PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models

• Cybersecurity News: Microsoft Defender exploited, assassin’s encryption frustration, NK elite hackers

• Security Serious Unsung Heroes Awards 2024 open for nominations

• SocGholish: Fake Update Puts Visitors at Risk

• Happy System Administrator Appreciation Day 2024

• Master Cybersecurity With The Complete CompTIA Security+ SY0-701 Certification Kit by IDUNOVA

• Email Gateway Security Gaps Enable New Malware Tactics

• Patchwork Group Found Using Brute Ratel C4 and an Enhanced Version of PGoShell Backdoor

• Mimecast Acquires Veteran Data Security Firm Code42

• Onyx Sleet uses array of malware to gather intelligence for North Korea

• U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

• 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses

• Deepfake Attacks Prompt Change in Security Strategy

• Networking Equipment Riddled With Software Supply Chain Risks

• North Korean chap charged for attacks on US hospitals, military, NASA – and even China

• Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

• The Role of DDoS Stress Testing in DDoS Protection

• Bridging the Expertise Gap: Enhancing Cybersecurity Skills in Compliance Professionals

• Play & LockBit Ransomware Join Hands to Launch Cyber Attacks

• Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)

• North Korean state hacker infiltrates US security firm; Cybersecurity Today for Friday, July 26, 2024

• NHS Ransomware Attack leads to extreme blood shortage

• Harnessing Defensive AI: Safeguarding the Digital Realm

• CrowdStrike Warns of New Phishing Scam Targeting German Customers

• Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

• North Korean chap charged for attacks on US hospitals, miiltary, NASA – and even China

• Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

• AI-generated deepfake attacks force companies to reassess cybersecurity

• 16% of organizations experience disruptions due to insufficient AI maturity

• Most CISOs feel unprepared for new compliance regulations

• Changing the Passive to Active: Updating SaaS Cybersecurity Strategy with Threat Management

• North Korean chap charged for attacks on US hospitals, NASA – and even China

• New infosec products of the week: July 26, 2024

• ISC Stormcast For Friday, July 26th, 2024 https://isc.sans.edu/podcastdetail/9070, (Fri, Jul 26th)

• Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank

• CrowdStrike update blunder may cost world billions – and insurance ain’t covering it all

Generated on 2024-07-27 23:55:07.390374