IT Security News Daily Summary 2024-08-25

• Traderie – 364,898 breached accounts

• North Korea Exploited Windows Zero-Day Vulnerability to Install Fudmodule

• The Port of Seattle and Sea-Tac Airport say they’ve been hit by ‘possible cyberattack’

• Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says

• Worried About Cash App Breach? These Three Steps Can Keep Your Financial Data Safe

• 16 Years of Cybercrime: The Story of Greasy Opal’s CAPTCHA Solver

• New Styx Stealer Malware Targets Browsers and Instant Messaging for Data Theft

• Sheltering From the Cyberattack Storm – Part Two

• Beyond CVSS: Advanced Vulnerability Prioritization Strategies for Modern Threats

• Dell Power Manager Privilege Escalation Vulnerability

• Progress WhatsUp Gold Vulnerabilities Let Attackers Inject SQL Commands

• Chrome Zero-day Vulnerability Actively Exploited in the Wild

• SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 8

• France police arrested Telegram CEO Pavel Durov

• U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

• Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION

• Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited

• New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules

• Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

• Telegram Founder Pavel Durov Reportedly Arrested in France

• IT Security News Daily Summary 2024-08-24

• USENIX Security ’23 – TRust: A Compilation Framework For In-Process Isolation To Protect Safe Rust Against Untrusted Code

• Living with trust issues: The human side of zero trust architecture

• Hackers can take over Ecovacs home robots to spy on their owners

• PWA phishing on Android and iOS – Week in security with Tony Anscombe

• Misconfigured Access Controls in NetSuite Stores Cause Major Data Breach

• Cybercriminals Place 85-Year-Old Woman Under ‘Digital Arrest’ in Hyderabad, Cheat Her of ₹5.9 Crore

• Oil Giant Halliburton Hit by Cyberattack, Certain Systems Affected

• Cyble Research Reveals Near-Daily Surge in Supply Chain Attacks

• Unicoin’s Four-Day Cyberattack: Disruption, Recovery, and Ongoing Investigation

• The Limitations of Traditional Network-Based Vulnerability Scanning – And the Systematic Underestimation of Software Risks

• Cybersecurity Strategy: Understanding the Benefits of Continuous Threat Exposure Management

• Data Security Posture Management (DSPM) is an Important First Step in Deploying Gen AI and Copilot Tools

• Iranian Threat Actor TA453 Targets Jewish Figure with Fake Podcast Invite in Malicious Campaign

• Massive Data Breach Worsens as New Details Emerge Across US, UK, and Canada

• Protecting Your Wallet: Understanding NGate Android Malware

• Strategizing Compliance and Security In AI: A Hands-On Guide for IT Leaders

• Qilin Ransomware Upgrades and Now Steals Google Chrome Credentials

• The US Navy Has Run Out of Pants

• NSA Issues Guidance for Better Logging, Threat Detection to Prevent LotL Incidents

• CISA Adds Dahua IP Camera, Linux Kernel, and Microsoft Exchange Server Bugs to its KEV Catalog

• Greasy Opal’s CAPTCHA Solver Still Serving Cybercrime After 16 Years

• August 2024 Web Server Survey

• Slack Patches AI Bug That Exposed Private Channels

• Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities

• PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads

• Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp

• CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

• China-linked APT Velvet Ant Exploited Zero-Day to Compromise Cisco Nexus Switches

• Russian national arrested in Argentina for laundering money of crooks and Lazarus APT

• Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk

• Hackers Now Use AppDomain Injection to Drop Cobalt Strike Beacons

• Cyber Security Today Week In Review: Saturday, August 24th, 2024

• Scammers are increasingly using messaging and social media apps to attack

• CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

Generated on 2024-08-25 23:55:05.270905