IT Security News Daily Summary 2024-09-17

• 2024-09-16 – Snake KeyLogger (VIP Recovery) infection, SMTP exfil

• 2024-09-17 – Snake KeyLogger (VIP Recovery) infection, FTP exfil

• Discord launches end-to-end encrypted voice and video chats

• VMware patches over remote make-me-root holes in vCenter Server, Cloud Foundation

• AI and Technical Debt: Balancing Innovation and Sustainability

• The best AirTag wallets of 2024: Expert tested

• Lebanon: At least nine dead, thousands hurt after Hezbollah pagers explode

• Google Cloud Document AI flaw (still) allows data theft despite bounty payout

• USENIX NSDI ’24 – Fast Vector Query Processing for Large Datasets Beyond GPU Memory with Reordered Pipelining

• Did ChatGPT just message you? Relax – it’s a bug, not a feature (for now)

• WordPress To Require Two-Factor Authentication for Plugin Developers

• The Mystery of Hezbollah’s Deadly Exploding Pagers

• KOSA’s Online Censorship Threatens Abortion Access

• At least nine dead, thousands hurt in Lebanon after Hezbollah pagers explode

• VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

• Avoiding The “No Responsibility” Cloud Security Model

• Part 1: Can Just Anyone Access Your ServiceNow Articles?

• Part 2: Can Just Anyone Access Your ServiceNow Articles?

• Randall Munroe’s XKCD ‘Craters’

• GPU Hosting and Open Source AI Will Revolutionize or Kill WordPress

• Hezbollah claims dozens dead as its pagers go boom, not beep

• 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year

• The Mystery of Hezbollah’s Deadly Exploding Pagers

• Port of Seattle Battles Ransomware Attack, Refuses to Pay

• Fortinet Confirms Data Breach Involving Limited Number of Customers, Linked to Hacker “Fortibitch”

• Global telcos pledge to adopt responsible AI guidelines

• Australian IT Spending to Surge in 2025: Cybersecurity & AI Focus

• Rhysida ransomware gang ships off Port of Seattle data for $6M

• Intezer Raises $33M to Extend AI-Powered SOC Platform

• Cyber attack on Telecom companies triggers explosions of Pagers in Lebanon

• 2024-09-16 – Snake KeyLogger activity

• Yokogawa Dual-redundant Platform for Computer (PC2CKM)

• CISA Adds Four Known Exploited Vulnerabilities to Catalog

• Remotely Exploding Pagers

• How to Scale Your MSP from a Firm That Grew Revenue 440%

• How MSPs Can Use the ‘Four Kinds of Luck’ to Succeed

• EchoStrike: Generate Undetectable Reverse Shells, Perform Process Injection

• Update: PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability

• US Hits Intellexa Spyware Maker With More Sanctions

• C/side Raises $6 Million to Secure the Browser Supply Chain

• 5 Ways to Reduce Information Security Risk in a Mobile Workplace

• USENIX NSDI ’24 – Horus: Granular In-Network Task Scheduler for Cloud Datacenters

• US Looks to Align Security Across Government

• Millbeck Communications Proroute H685t-w

• CISA Releases Three Industrial Control Systems Advisories

• Siemens SIMATIC S7-200 SMART Devices

• Chinese man charged for spear-phishing against NASA and US Government

• Assessing Apple’s Update to Rotating MAC Addresses

• Secure your organization

• Global Bot Security Report Findings: 2 in 3 Websites Are Unprotected

• A Future of Security Free from CNAPP – Keynote Interview with James Berthoty

• Can a Bot Farm Damage Your Business? What You Need to Know About Bot Farms

• Here’s How Criminals Are Targeting Users and Enterprises in Mexico

• ICO Acts Against Sky Betting and Gaming Over Cookies

• An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader

• CVE backlog update: The NVD struggles as attackers change tactics

• Best Kaspersky Alternatives in 2024

• CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities

• Cisco’s second layoff of 2024 affects thousands of employees

• Phishing Campaigns Surge with New Header Refresh Technique, Targeting Financial and Government Sectors

• TfL Employees Face In-Person Identity Verification Following Cyberattack

• 23andMe Pledges $30 Million to the 6.4 Million People Affected by Data Breach

• Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered

• Rising Clipper Malware Attacks Target Cryptocurrency Users

• Critical Vulnerability in AutoGPT Puts Over 166,000 Projects at Risk

• Predator spyware kingpins added to US sanctions list

• Software Security Firm RunSafe Raises $12 Million in Series B Funding

• Most Cyber Leaders Fear AI-Generated Code Will Increase Security Risks

• iOS 18 is out. Here are the new privacy and security features

• Cyber predators target vulnerable victims: Hackers blackmail hospitals, trade patient data and find partners through darknet ads

• The cybersecurity labor gap now stands at 4M+ open jobs. Intezer has raised $33M for AI tools to plug it

• Top Tips and Risks Ahead of the 2024 Olympic Games

• Protecting Against Malicious Open Source Packages

• Hydden Raises $4.4M in Seed Funding for Identity Security Platform

• Email Security Breaches Rampant Among Critical Infrastructure Organizations

• Apple releases iOS 18, with security and privacy improvements

• WTW Indigo Vault secures business sensitive files

• U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

• Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

• LastPass Review 2024: Is it Still Safe and Reliable?

• D-Link Fixes Critical RCE, Hardcoded Credential Flaws in WiFi 6 Routers

• Metabase Q Raises $11M in Series A Extension Funding

• The Dark Nexus Between Harm Groups and ‘The Com’ – Krebs on Security

• Strider Secures $55M to Fuel AI Growth and Global Expansion

• CosmicBeetle Exploits Vulnerabilities in Small Businesses Globally

• F5 NGINX One improves app delivery and security functions

• Veritas unveils AI-driven features to simplify cyber recovery

• Beware the Rising Tide: Financial Services Is Awash in Attacks

• Hackers Exploiting Selenium Grid Tool To Deploy Exploit Kit & Proxyjacker

• CISA Warns of Windows MSHTML & Progress WhatsUp Gold Flaw Exploited Widely

• September 2024 Web Server Survey

• Forget AirTags: Tile’s new trackers come in all shapes and sizes (and an SOS button)

• Python Developers Targeted with Malware During Fake Job Interviews

• Performance Testing Vs Load Testing: Know the Key differences

• From Fragmentation to Integration: Establishing a Cyber Risk Management Program

• RunSafe Security raises $12 million to reduce attack surface in critical infrastructure

• How to Investigate ChatGPT activity in Google Workspace

• Singapore Launches Accelerator for International Cybersecurity Startups

• Intel ‘Lost PlayStation 6 Chip Bid To AMD’

• Intel, AWS To Collaborate On AI Chip In Major Win

• Master IT Fundamentals With This CompTIA Certification Prep Bundle

• U.S. CISA adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog

• ‘Cyber Wellbeing Corner’ Returns to International Cyber Expo

• DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military

• PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

• Gcore WAAP protects websites, web applications, and APIs

• Cybersecurity News: Intellexa faces new sanctions, London hospitals impact, Apple releases update

• Our Guardrails Only Fail When You Try To Go Around Them (LIVE in Seattle)

• Pioneering Researcher Raises $230m For ‘Spatial’ AI Start-Up

• US Sanctions Commercial Spyware Group

• Creating An AI Honeypot To Engage With Attackers Sophisticatedly

• North Korean Hackers Attacking LinkedIn Users to Deliver RustDoor Malware

• England and Wales Report a Spike in Computer Misuse

• What’s Changed in CIS Critical Security Controls v8.1?

• Misconfigured ServiceNow Knowledge Bases Expose Confidential Information

• Enterprise ServiceNow Knowledge Bases at Risk: Extensive Data Exposures Uncovered

• AppOmni Surfaces Configuration Flaw in ServiceNow SaaS Platform

• US Ramps Up Sanctions on Spyware-Maker Intellexa

• Over Half of Breached UK Firms Pay Ransom

• China Touts ‘Significant’ Advances In Chipmaking Tools

• China ‘Closing Gap’ With West In AI

• Key Russian Hacker Group Attacking Users With .NET Built Ransomware

• How Google and Yahoo’s shift to stricter email standards proved a windfall for this Armenian startup

• Qilin ransomware attack on Synnovis impacted over 900,000 patients

• Taking Control Online: Ensuring Awareness of Data Usage and Consent

• All Smoke, no Fire: The Bizarre Trend of Fake Data Breaches and How to Protect Against Them

• Making the Complex Simple: Authorization for the Modern Enterprise

• Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

• 23:59, Time to Exfiltrate!, (Tue, Sep 17th)

• TikTok Tells US Court Ban Would Have ‘Staggering’ Effects

• Woo Skimmer Uses Style Tags and Image Extension to Steal Card Details

• MSSPs Say Client Communication Is Too Hard. Here’s How We’re Helping.

• The New Era of SOCs: Simplifying Cybersecurity for SMBs

• Google Chrome browser users given 72 hour deadline to adopt Cybersecurity patches

• Securing Data from Espionage: The Role of Confidential Computing

• Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks

• Unlocking Secure Communications 101: The Fundamentals

• China claims Starlink signals can reveal stealth aircraft – and what that really means

• Gateways to havoc: Overprivileged dormant service accounts

• SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks

• The Day the IT World Stood Still

• How to Prepare Your Organization for the Future with Continuous Security Testing

• The Human Element in Non-Human Identity Security: Bridging the Gap in Modern Cybersecurity

• Beyond human IAM: The rising tide of machine identities

• The growing danger of visual hacking and how to protect against it

• Securing SAP Systems: Essential Strategies to Protect Against Hackers

• The cybersecurity workforce of the future requires diverse hiring practices

• ISC Stormcast For Tuesday, September 17th, 2024 https://isc.sans.edu/podcastdetail/9140, (Tue, Sep 17th)

• Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day

• Chinese national accused by Feds of spear-phishing for NASA, military source code

• Instituto Nacional de Deportes de Chile – 319,613 breached accounts

• Apple Patches Major Security Flaws With iOS 18 Refresh

• IT Security News Daily Summary 2024-09-16

• Elon Musk Is a National Security Risk

• US government expands sanctions against spyware maker Intellexa

• CISA Releases Plan to Align Operational Cybersecurity Priorities for Federal Agencies

• The empire of C++ strikes back with Safe C++ blueprint

• NordPass Review (2024): Is it a Safe Password Manager?

• D-Link addressed three critical RCE in wireless router models

• Unveiling Venezuela’s Repression: Surveillance and Censorship Following July’s Presidential Election

• Apple Patches Major Security Flaws with iOS 18 Refresh

• A Personally Identifiable Cyber Jihadist Domain Portfolio

• After CrowdStrike Crash, Microsoft Mulls New Windows Security Tools

• CISO Series Podcast LIVE at Stanford University (10-17-24)

• Methodology for incident response on generative AI workloads

• Tile Trackers now include an SOS feature – here’s how they compare with Apple’s AirTags

• Point Product vs. CDN for Bot Protection: Striking the Right Balance

• RansomHub Ransomware Gang Leaks 487GB of Alleged Kawasaki Europe Data

• Crypto Mining and DDoS Threats: How Hadooken Malware Targets Oracle Web Logic Servers

• The best travel VPNs of 2024: Expert tested and reviewed

• Windows spoofing flaw exploited in earlier zero-day attacks

• Deployment considerations for Red Hat OpenShift Confidential Containers solution

• How Red Hat is integrating post-quantum cryptography into our products

• Cursor’s Magic Comes with a Catch: The Trust Setting You’re Missing

• Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches

• SecurityWeek to Host 2024 Attack Surface Management Summit on Wednesday

• Is Google Spying on You? EU Investigates AI Data Privacy Concerns

• Rhysida Ransomware Hits Seattle Port in August Attack

• Create security observability using generative AI with Security Lake and Amazon Q in QuickSight

• Google Enhances Data Security with Confidential Computing Technology

• DuckDuckGo Joins AI Chat, Promises Enhanced Anonymity

• Apple’s New Passwords App May Solve Your Login Nightmares

• U.S. government expands sanctions against spyware maker Intellexa

• The Climate Has a Posse – And So Does Political Satire

• EasyDMARC Lands $20M for Email Security Authentication Tech

• Five Tools That Can Help Organizations Combat AI-powered Deception

• Apple Seeks to Drop Its Lawsuit Against Spyware Maker NSO

• Preventing Credit Card Fraud in 2024: Tips to Avoid Declined Transactions and Fraud Alerts

• Vulnerability Recap 9/16/24 – Critical Endpoint Flaws Emerged

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• Forward as One: Embracing the Future of Partnering with Cisco

• Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

• Legacy Ivanti Cloud Service Appliance Being Exploited

• Germany’s CDU still struggling to restore data months after June cyberattack

• DORA Compliance Checklist: From Preparation to Implementation

• Why Are So Many Public Sector Organizations Getting Attacked?

• Vulnerability Summary for the Week of September 9, 2024

• Half of UK Firms Lack Basic Cybersecurity Skills

• White House to Tackle AI-Generated Sexual Abuse Images

• Flare’s FTSOv2 Launch Sets A New Standard For Decentralized Data

• Obfuscation vs Encryption: How To Protect Your .NET Code the Right Way

• AI and Cyber Security: Innovations & Challenges

• How to Create & Implement a Cloud Security Policy

• FBI, CISA Warn of Fake Voter Data Hacking Claims

• BT Uncovers 2,000 Potential Cyberattacks Signals Every Second

• ICBC London Branch Hit by Ransomware Attack, Hackers Steal 6.6TB of Sensitive Data

• Sourcepoint helps companies mitigate vulnerabilities across various privacy regulations

• Advanced Phishing Attacks Put X Accounts at Risk

• Introducing the APRA CPS 230 AWS Workbook for Australian financial services customers

• The Curious Case Of MutantBedrog’s Trusted-Types CSP Bypass

• Critical Vulnerabilities Impact Million of D-Link Routers, Patch Now!

• 23andMe to pay $30 million in settlement over 2023 data breach

• Hispanic Heritage Month Spotlight: Bill Diaz

• Entro Security Labs Releases Non-Human Identities Research Security Advisory

• North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

• Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution

• Modernizing Enterprise Security for An Application-Centric World

• Windows MSHTML Zero-Day Vulnerability Exploited In The Wild

• Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

• DeltaPrime Suffers $5.98M Loss as Hacker Exploits Admin Key on Arbitrum

• Prison just got rougher as band of heinously violent cybercrims sentenced to lengthy stints

• Master Your PCI DSS v4 Compliance with Innovative Smart Approvals

• From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook

• Medusa Ransomware Exploiting Fortinet Flaw For Sophisticated Ransomware Attacks

• Azure API Management Vulnerability Let Attackers Escalate Privileges

• SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager

• Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

• Unlock FCC Pilot Program Funding with Cloud Monitor and Content Filter

• Uber To Offer Waymo Robotaxi Rides In Austin, Atlanta

• Brazil Unfreezes Starlink, X Bank Accounts After Funds Transfer

• Largest Crypto Exchange in Indonesia Suffers $22 Million Theft

• Apple to Drop Spyware Lawsuit Over Security Concerns

• Microsoft September Patch Tuesday Patched 4 Zero-Day Flaws

• Hackers Can Bypass WhatsApp ‘View Once’ Due To Feature Vulnerability

• Spring Framework Vulnerability Let Attackers obtain Any Files from the System

• Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

• Hackers Target Selenium Grid Servers for Proxyjacking and Cryptomining Attacks

• US Port Security Threatened by Chinese-Made Cranes, Says House Report

• North Korean Hackers Attacking Crypto Industry, Billions at Risk

• Cloud Access Security Broker Policy

• Hacker Claims Breach of UK’s Experience Engine, Data Sold Online

• Is your Windows license legal? Should you even care?

• Windows Vulnerability Abused Braille “Spaces” in Zero-Day Attacks

• Cybersecurity News: Fortinet breach, RansomHub extorts Kawasaki, TfL password resets

• US House Passes Bill Targeting Chinese EV Battery Tech

• GenAI Shopping: Revolutionising Retail Experiences

• Cyber Threats Intensify in Mexico; Espionage and Extortion Risks Grow

• Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure

• Industry Moves for the week of September 16, 2024 – SecurityWeek

• SolarWinds Patches Critical Vulnerability in Access Rights Manager

• Meta Goes Ahead With Controversial AI Training in UK

• NASA Mission To Jupiter’s Europa Gets Go-Ahead

• CISA Urges Agencies to Upgrade or Remove End-of-Life Ivanti Appliance

• Navigating the Cloud Chaos: 2024’s Top Threats Revealed

• Mitigating Alert Fatigue in SecOps Teams

• Applications are Open for IoT Device Cyber Certifiers

• China’s quantum* crypto tech may be unhackable, but it’s hardly a secret

• SOC 2 Compliance Provides AppViewX Customers Security and Data Protection Assurance

• Musk Calls Australia ‘Fascists’ Over Social Media Regulation

• Stephen Fry Calls X, Meta Cultural ‘Polluters’

• Police Arrest Youth Over London Transport Hack

• Crimson Palace Returns With New Hacking Tolls And Tactics

• Is Microsoft really going to cut off security updates for your ‘unsupported’ Windows 11 PC?

• Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb

• Python Libraries Exploited for Malicious Intent

• Aembit Raises $25M to Tackle Nonhuman Identity Security Challenges

• Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure

• 23andMe Agrees to $30m Data Breach Settlement

• A week in security (September 9 – September 15)

• The Rise of AI Voicemail Scams, Political Donation Privacy Concerns

• UK Hosts International Cyber Skills Conference

• Managing PE Files With Overlays, (Mon, Sep 16th)

• Microsoft Windows 10 support end and Crowdstrike Global Outage details

• Benefits of Using Blockchain in Cybersecurity

• Hunters International Claims Breach of ICBC London

• Fortinet experiences another major breech with hacker claiming 440 GB of data stolen. Cyber Security Today for Monday, September 16, 2024

• Researchers Discover New Variant of TrickMo Banking Trojan

• EchoStrike: Generate undetectable reverse shells, perform process injection

• Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks

• New Environmental Policies and Practices Raise Unexpected Cybersecurity Challenges

• U.S. Tax Reform Can Fuel AI and Cybersecurity Innovation

• The ripple effects of regulatory actions on CISO reporting

• Compliance frameworks and GenAI: The Wild West of security standards

• 23andMe settles class-action breach lawsuit for $30 million

• eBook: Navigating compliance with a security-first approach

• Trends and dangers in open-source software dependencies

• ISC Stormcast For Monday, September 16th, 2024 https://isc.sans.edu/podcastdetail/9138, (Mon, Sep 16th)

Generated on 2024-09-17 23:55:10.289889