IT Security News Daily Summary 2024-09-21

• ‘Harvest now, decrypt later’: Why hackers are waiting for quantum computing

• Cloudflare Outage Disrupts Website Access in Multiple Regions, Affecting Global Users

• Understanding the critical role of resilience in defending against ransomware

• Technology Governance Needs A Rethink on Prioritizing Resilience Against Digital Threats

• GitLab Addressed Critical SAML Auth Flaw With The Latest Release

• Hackers stole over $44 million from Asian crypto platform BingX

• Apple’s macOS Sequoia Update Breaks Security Tools

• USENIX NSDI ’24 – Autothrottle: A Practical Bi-Level Approach to Resource Management for SLO-Targeted Microservices

• Email Attacks Target 80% of Key Infrastructure Firms, Study Reveals

• Ransomware Outfits Are Exploiting Microsoft Azure Tool For Data Theft

• The Expanding PKfail Vulnerability in Secure Boot and Its Alarming Impact

• Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

• OP KAERB: Europol dismantled phishing scheme targeting mobile users

• Kawasaki Ransomware Attack: 500 GB Alleged Data Leaked, RansomHub Claims

• Ukraine Bans Telegram Use for Government and Military Personnel

• LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO

• How Apple, Google, and Microsoft can save us from AI deepfakes

• Modernizing and Applying FedRAMP Security Standards to Accelerate Safe AI

• Watch Now: Attack Surface Management Summit – All Sessions on Demand

• China Linked APT: Raptor Train Botnet Attacks IoT Devices

• Iranian Hackers Tried to Give Hacked Trump Campaign Emails to Dems

• Prime Day is approaching, and so are the scams surrounding it

• 2024 Cybersecurity Laws & Regulations

• Earth Baxia Exploits GeoServer to Launch APAC Spear-Phishing Attacks

• CISA Adds Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and MSSQL Server Bugs to its KEV Catalog

• Patch this Critical Safeguard for Privileged Passwords Authentication Bypass Flaw

• Microsoft Entra ID’s Administrative Units Weaponized to Gain Stealthy Persistence

• Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs

• Clever ‘GitHub Scanner’ Campaign Abusing Repositories to Push Malware

• Ukraine bans Telegram for government agencies, military, and critical infrastructure

• A hacker’s view of civic infrastructure: Cyber Security Today – Special Feature

• Customer Story | Lanett City Schools Works Smarter With The Help Of Cloud Monitor

• Friday Squid Blogging: Squid Game Season Two Teaser

• Adversarial attacks on AI models are rising: what should you do now?

• Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229

• IT Security News Daily Summary 2024-09-20

• Tor Project responded to claims that law enforcement can de-anonymize Tor users

• USENIX NSDI ’24 – Revisiting Congestion Control for Lossless Ethernet

• How Asset Discovery Tools Work

• Seattle Port Suffers Data Breach, Rhysida Ransomware Suspected

• Ukraine Bans Telegram Messenger App on State-Issued Devices Because of Russian Security Threat

• Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #306 – My Door Is Always Open

• Police Broke Tor Anonymity to Arrest Dark Web Users in Major CSAM Bust

• Navigating the Regulatory Maze: Simplifying Data Compliance

• How to prepare for post-quantum computing security

• Internet surveillance firm Sandvine says it’s leaving 56 ‘non-democratic’ countries

• From Burnout to Balance: How AI Supports Cybersecurity Professionals

• US indicts two over socially engineered $230M+ crypto heist

• Behavioral Baselining and its Critical Role in Cybersecurity

• “Simply staggering” surveillance conducted by social media and streaming services, FTC finds

• The best VPN routers of 2024

• Automate detection and response to website defacement with Amazon CloudWatch Synthetics

• Top data breach news headlines trending on Google

• Is Telegram safer than WhatsApp when it comes to Data Security

• Samsung Warns Striking Workers In India Of No Pay, Possible Termination

• HackerOne: Nearly Half of Security Professionals Believe AI Is Risky

• Clever Social Engineering Attack Using Captchas

• Ivanti patches exploited admin command execution flaw

• Google Expands Chrome Security and Privacy Capabilities

• How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections

• New cybersecurity advisory highlights defense-in-depth strategies

• Innovations in Falcon Cloud Security at Fal.Con 2024

• CrowdStrike Announces Falcon Identity Protection Innovations for Entra ID and Privileged Access

• CrowdStrike Unveils AI Innovations to Expedite Security Operations and Upgrade the Analyst Experience

• CrowdStrike Next-Gen SIEM Innovations Slash Response Time and Simplify SIEM Migrations

• CrowdStrike Drives Cybersecurity Forward with New Innovations Spanning AI, Cloud, Next-Gen SIEM and Identity Protection

• Simplify NIS2 compliance with Sonatype

• Preparing Healthcare for Ransomware Attacks: A 12-Step Approach by Dr. Eric Liederman

• Upgrading to MacOS Sequoia? Here’s why you may want to hold off

• UNC1860 provides Iran-linked APTs with access to Middle Eastern networks

• Hackers Deliver Popular Crypto-Miner Through Malicious Email Auto Replies, Researchers Say

• Google Now Syncing Passkeys Across Desktop, Android Devices

• Say Goodbye to Login Struggles with Apple’s New ‘Passwords App’

• Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials

• Ukraine Bans Telegram On State-Issued Devices

• Construction Firms Targeted in Brute Force Assaults on Accounting Software

• US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities

• Brazil’s Judge Accuses X of ‘Willful’ Circumvention

• Where’s your BitLocker recovery key? How to save a copy before the next Windows meltdown

• -=TWELVE=- is back

• In Other News: Disney Ditches Slack, Binance Malware Warning, Defense Conference Targeted

• Red Hat OpenShift Users Urged to Patch Critical Build Flaws

• CISA Releases Six Advisories for Industrial Control Systems

• Synergizing Cybersecurity: The Benefits of Technology Alliances

• Kubernetes Container Isolation Startup Edera Raises $5 Million

• Passwordless AND Keyless: The Future of (Privileged) Access Management

• Check The Out 7 Major Applications Of GPU Dedicated Server

• Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert

• Silicon UK AI For Your Business Podcast: Turing’s Legacy

• Hackers Allegedly Claim Breach of Dell Employee Database

• US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency

• CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet FortiClient EMS

• Experts Warn of China-Linked APT’s Raptor Train IoT Botnet

• Tor Responds to Reports of German Police Deanonymizing Users

• Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

• Silicon UK In Focus Podcast: The State of E-commerce

• Best of CrowdStrike Fal.Con 2024: Tackling Adversity with a Wave of Cybersecurity Innovation

• Cybercriminals Exploit CAPTCHA to Deliver Malware: Experts Issue Warning

• Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable

• Cybersecurity News: INC targets healthcare, Providence schools cyberattack, Apple iPads bricked

• Cybercrooks strut away with haute couture Harvey Nichols data

• New Phishing Campaign Exploiting Google App Scripts: What Organizations Need to Know

• The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

• Ivanti Warns of Second CSA Vulnerability Exploited in Attacks

• Companies Often Pay Ransomware Attackers Multiple Times

• AI Could Help Resolve IT/OT Integration Security Challenges

• More Than Two Million Stolen VPN Passwords Discovered

• Resecurity joins Cloud Security Alliance to help organizations secure cloud technologies

• Protecting Yourself from Malicious Web Apps: What You Need to Know

• Hertz Car Rental Platform Leaks 60,000 Insurance Claim Reports

• GitLab Urges Organization to Patch for Authentication Bypass Vulnerability

• Where’s your BitLocker recovery key? How and why to save a copy before the next Windows meltdown

• U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

• The Supply Chain Conspiracy: Cyber Attacks Behind the Lebanon Explosions

• Opnova emerges from stealth with $3.75 million in funding

• Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

• Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions

• Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6)

• FTC Sounds the Alarm on Social Media Spying on Children and Teenagers

• 7 Steps to Perform a Cyber Attack Simulation

• U.S. Justice Department Disrupts China-Backed Botnet Targeting Thousands of Devices

• Exploding pagers and the new face of asset-centric warfare

• Striking the balance between cybersecurity and operational efficiency

• How to detect and stop bot activity

• Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

• New infosec products of the week: September 20, 2024

• Rising identity security risks: Why organizations must act now

• Supply chain targets 3,000 users. Cyber Security Today for Friday, September 20, 2024

• Nextcloud Hub 9 released: New features, more security, updated performance

• ISC Stormcast For Friday, September 20th, 2024 https://isc.sans.edu/podcastdetail/9146, (Fri, Sep 20th)

• CISA boss: Makers of insecure software are the real cyber villains

• Valencia Ransomware explodes on the scene, claims California city, fashion giant, more as victims

Generated on 2024-09-21 23:55:07.692359