IT Security News Daily Summary 2024-10-19

• USENIX NSDI ’24 – Crescent: Emulating Heterogeneous Production Network at Scale

• Threat actors exploiting zero-days faster than ever – Week in security with Tony Anscombe

• USENIX NSDI ’24 – A High-Performance Design, Implementation, Deployment, and Evaluation of The Slim Fly Network

• Hackers Use Fake ESET Emails to Target Israeli Firms with Wiper Malware

• The Extent of Data Surveillance in Modern Smart TVs

• New Cybersecurity Threat for the Middle Eastern Countries: OilRig Malware

• Cisco Investigates Data Breach After Hacker Claims Sale of Data

• Managing LLM Security Risks in Enterprises: Preventing Insider Threats

• 23andMe faces an uncertain future — so does your genetic data

• U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

• Industrial and Critical Infrastructure Defenders to Gather in Atlanta for 2024 ICS Cybersecurity Conference

• Call and Register ? Relay Attack on WinReg RPC Client

• North Korea-linked APT37 exploited IE zero-day in a recent attack

• Week in Review: Amazon passkeys usage, healthcare ransomware stats, major cybercrime takedowns

• The Unsolvable Problem: XZ and Modern Infrastructure

• Google Chrome’s uBlock Origin Purge Has Begun

• Managing Foreign Government Information (FGI) on a Network

• Acronym Overdose – Navigating the Complex Data Security Landscape

• Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

• How-To create Security User Stories

• Gone Phishin’ – Everything you need to know (and more). Cyber Security Today Weekend for October 19, 2024

• The Disinformation Warning Coming From the Edge of Europe

• Omni Family Health data breach impacts 468,344 individuals

• Southeast Asia reiterates pledge to collaborate amid growing cyber threats in AI era

• Get an Untrusted Security Advisor! Have Fun, Reduce Fail!

• Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not!

• Jetpack fixes 8-year-old flaw affecting millions of WordPress sites

• EFF to Third Circuit: TikTok Has Section 230 Immunity for Video Recommendations

• IT Security News Daily Summary 2024-10-18

• FBI and CISA Issue Public Service Announcement Warning of Tactics Foreign Threat Actors are Using to Spread Disinformation in the 2024 U.S. General Election

• Friday Squid Blogging: Squid Scarf

• Iran-linked actors target critical infrastructure organizations

• APIContext Joins Akamai’s Qualified Compute Partner Program to Boost Cloud Capabilities

• A Flourishing Internet Depends on Competition

• USENIX NSDI ’24 – MESSI: Behavioral Testing of BGP Implementations

• Securing Cloud-Native Applications: A CISO’s Perspective on Broken Access Control

• The American Water cyberattack: Explaining how it happened

• Publishers Spotlight: Proofpoint

• AI-Generated Personas: Trust and Deception

• Cash App users have less than a month to claim up to a $2,500 settlement payout

• Stop exposing your Venmo activity – by changing this privacy setting. Here’s why

• Compare Antivirus Software 2025: Bitdefender vs ESET

• Computer Networking Fundamentals: Learn the Basics

• Top 9 Trends In Cybersecurity Careers for 2025

• Use Venmo? Change this privacy setting now. Here’s why – and how

• Gartner 2024 CNAPP Market Guide Insights for Leaders

• Can You Fax a Check? Yes. Follow These Steps to Do it Safely

• New TrickMo Variants Exploit Fake Lock Screens to Steal Android PINs

• AI and cybersecurity – A double-edged sword

• Secure Golden Images: A Blueprint for Vulnerability Management

• Unauthorized data access vulnerability in macOS is detailed by Microsoft

• HM Surf vulnerability in macOS has details revealed by Microsoft

• AI to power future data privacy breaches

• AI boost to SWIFT banking network helps thwart Cyber Threats

• Apple Sees Strong Initial iPhone 16 Sales In China

• Iranian Hackers Target Microsoft 365, Citrix Systems with MFA Push Bombing

• Key Worries Surrounding the Growing Impact of Technology in Our Lives

• Bitcoin fraud through (hacked?) WordPress installations

• Ransomware Attack and Software Glitches Reveal Fragility in U.S. Car Dealerships and Global Systems

• Iranian Attackers Exploit Windows Bug to Elevate Privileges

• TrickMo Banking Trojan Unveils Advanced Threat Capabilities in Latest Variant

• Examining Telegram’s Encryption Flaws: Security Risks and Privacy Concerns

• Microsoft Reveals Loss of Customer Security Logs for a Month

• Internet Archive and Wayback Machine Resurrect After DDoS Wave

• Cyber Awareness Month: The End of the VPN Era

• Tesla Faces NHTSA Probe Over FSD Fatal Accident

• Bell Canada’s Transformation Journey with Routed Optical Networking

• North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

• Cybersecurity Workforce in Crisis

• What’s behind the 51% drop in ransomware attacks?

• Are your Venmo transactions still public? Here’s why – and how – to change that ASAP

• How Innovations in Clientless SASE Services Redefine Security in Mobile Networks

• Justice Department Indicts Tech CEO for Falsifying Security Certifications

• Security review for Microsoft Edge version 130

• Army Cloud Program to Help SMBs Meet DoD Cyber Requirements

• Microsoft lost some customers’ cloud security logs

• How Organizations Can Avoid Domain Exploitation When “Big News” Breaks

• Serhiy Tokarev Reveals Roosh’s Investment in the French Freelance Platform

• A Closer Look at Q3 2024: 75% Surge in Cyber Attacks Worldwide

• AI-Powered Fraud Detection Systems for Enhanced Cybersecurity

• Microsoft: macOS Vulnerability Potentially Exploited in Adware Attacks

• CISOs Concerned Over Growing Demands of Role

• macOS Vulnerability Could Expose User Data, Microsoft Warns

• Options for AWS customers who use Entrust-issued certificates

• Roosh Ventures Invests in French Freelance Platform Jump

• Alleged Bitcoin crook faces 5 years after SEC’s X account pwned

• Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach

• U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

• The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture

• Worldcoin Rebrands To World Network, Ramps Up Iris Scanning

• ESET denies it was compromised as Israeli orgs targeted with ‘ESET-branded’ wipers

• North Korean APT Exploited IE Zero-Day in Supply Chain Attack

• US Crackdown With Microsoft: Over 100 Russian Domains Seized

• How to Master CentOS Commands: The Ultimate Cheat Sheet

• Understanding the Importance of MFA: A Comprehensive Guide

• Rising Tides: Christien “DilDog” Rioux on Building Privacy and What Makes Hackers Unique

• Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

• Instagram Rolls Out New Sextortion Protection Measures

• Need a Wyze Cam alternative? The waterproof Blink Mini 2 security camera is it

• macOS HM Surf flaw in TCC allows bypass Safari privacy settings

• Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

• Israeli orgs targeted with wiper malware via ESET-branded emails

• Microsoft Named Most Imitated Brand in Phishing Attacks

• Unveiling Hidden Connections: JA4 Client Fingerprinting on VirusTotal

• Call for Experts: Join the ENISA Ad Hoc Working Group on EU Digital Identity Wallets Cybersecurity Certification

• What the US Army’s 1959 ‘Soldier of Tomorrow’ Got Right About the Future of Warfare

• Organizations Faster at Detecting OT Incidents, but Response Still Lacking: Report

• Arrested: USDoD, Anonymous Sudan, SEC X account hacker

• US Arrest Man for SEC X Account Hack

• Intel lightly hits back at China’s accusations it bakes in NSA backdoors

• Omni Family Health Data Breach Impacts 470,000 Individuals

• CyCognito expands automated testing capabilities

• SolarWinds Web Help Desk Vulnerability Allows Remote Code Execution

• Cyera Acquires Data Loss Prevention Firm Trail Security for $162 Million

• New macOS vulnerability, “HM Surf”, could lead to unauthorized data access

• LinkedIn suspends some AI training operations

• Hacker Arrested for Invading Computers & Selling Police Data

• ConfusedPilot Exposes Vulnerability in AI Systems Used by Major Enterprises

• Globe Life extortion, hacker USDoD arrested, Anonymous Sudan indicted

• Beware of Starbucks Phishing Scam and China using Quantum tech to break encryption

• Cisco ATA 190 Telephone Adapter Vulnerabilities Let Attackers Execute Remote Code

• Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser

• Building Digital Resilience: Insider Insights for a Safer Cyber Landscape

• Intel robustly refutes China’s accusations it bakes in NSA backdoors

• Despite massive security spending, 44% of CISOs fail to detect breaches

• Biz hired, and fired, a fake North Korean IT worker – then the ransom demands began

• What to do if your iPhone or Android smartphone gets stolen?

• Cybercrime’s constant rise is becoming everyone’s problem

• DDoS Attacks and the Upcoming US Presidential Election

• New infosec products of the week: October 18, 2024

• Addressing Critical Gaps in Threat Intelligence Sharing

• As Attackers Embrace AI, Every Organization Should Do These 5 Things

• Singapore releases guidelines for securing AI systems and prohibiting deepfakes in elections

• ISC Stormcast For Friday, October 18th, 2024 https://isc.sans.edu/podcastdetail/9186, (Fri, Oct 18th)

• Uncle Sam puts $10M bounty on Russian troll farm Rybar

• Two Sudanese nationals indicted for operating the Anonymous Sudan group

• Troubled US insurance giant hit by extortion after data leak

• The Evolution of Automated Browser Detection: A Cat & Mouse Game

Generated on 2024-10-19 23:55:09.089456