IT Security News Daily Summary 2024-10-29

• International law enforcement operation dismantled RedLine and Meta infostealers

• Master Incident Response with Hands-On Training in IR-200: Foundational Incident Response

• Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

• Tony Fadell: Innovating to save our planet | Starmus highlights

• DEF CON 32 – AppSec Village – Got 99 Problems But Prompt Injection Ain’t Watermelon

• REvil convictions unlikely to curb Russian cybercrime

• CISA Releases Its First Ever International Strategic Plan

• You’re going to get hacked. But here’s how to avoid a cybersecurity disaster

• How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware

• Operation Magnus: Police Dismantles RedLine and META Infostealer Infrastructure

• GitHub Copilot Autofix expands as AI snags software delivery

• Daniel Stori’s Turnoff.US: ‘Security Engineer Interview’

• New LightSpy Spyware Targets iOS with Enhanced Capabilities

• Unifying SecOps and Observability for Enhanced Cloud Security in Azure

• The 8 Best Network Monitoring Tools for 2024

• Comparing Antivirus Software 2025: Avast vs. AVG

• Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting

• TikTok ‘Infinite Money Glitch’ — Idiots Chased by JPMorgan

• US charges suspected Redline infostealer developer, admin

• Chenlun’s Evolving Phishing Tactics Target Trusted Brands

• Navigating Privacy Concerns on Google Maps: Understanding the Blurring Feature

• Russian Malware Attack Targets Ukrainian Military Recruits via Telegram

• The Internet Archive is finally mostly back online after a series of cyberattacks

• The story behind the Health Infrastructure Security and Accountability Act

• Power Your GenAI Ambitions with New Cisco AI-Ready Data Center Infrastructure

• Artificial Intelligence (AI) Takes the Spotlight in Cisco’s 7th Annual Global Partner Innovation Challenge

• The Zensory and POPP3R Cybersecurity Partner to Boost Mindful Security Behaviour in North America

• Proofpoint to Acquire Data Security Posture Management Firm Normalyze

• Amazon Identified Internet domains Exploited by Russian APT29

• Prometei Botnet: The Persistent Threat Targeting Global Systems

• CISA Releases Three Industrial Control Systems Advisories

• Siemens InterMesh Subscriber Devices

• Delta Electronics InfraSuite Device Master

• Solar-Log Base 15

• Building Resilience: A Post-Breach Security Strategy for Any Organization

• Admins better Spring into action over latest critical open source vuln

• DigiCert – It’s a Matter of Trust

• Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses

• The Cloud Latency Map measures latency across 100+ cloud regions

• Why safeguarding sensitive data is so crucial

• Revolutionizing Dairy Farming with Digital Solutions

• RedLine and Meta Infostealers Disrupted by Law Enforcement

• Securiti Gencore AI accelerates GenAI adoption in the enterprise

• Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

• Law Enforcement Operation Takes Down Redline and Meta Infostealers

• Hackers Use Fog Ransomware To Attack SonicWall VPNs And Breach Corporate Networks

• New Windows Downgrade Attack Let Hackers Downgrade Patched Systems To Exploits

• Notorious WrnRAT Delivered Mimic As Gambling Games

• Best AI Security Tools: Top Solutions, Features & Comparisons

• MoneyGram replaces CEO weeks after massive customer data breach

• Cisco Crisis Response: Reinstating Connectivity to Communities Impacted by Hurricane Helene

• Enhancing Cybersecurity Skills in the U.S. Military and Department of Defense: The Cisco Winning Path to Certification

• Court Orders Google (a Monopolist) To Knock It Off With the Monopoly Stuff

• Update your iPhone, Mac, Watch: Apple issues patches for several vulnerabilities

• Zenity Raises $38 Million to Secure Agentic AI

• Aviatrix unveils features to simplify network security management

• Beyond the Login ? Keeping Accounts Secure with Lifecycle Protection

• Augmenting Training Datasets Using Generative AI

• Fitness App Strava Gives Away Location of Biden, Trump and other Leaders, French Newspaper Says

• Connected car security: Software complexity creates bumps in the road

• Zenity raises $38 million to secure agentic AI

• Phishers reach targets via Eventbrite services

• NIS2 Compliance Puts Strain on Business Budgets

• RedLine and META Infostealers Infrastructure Seized by Authorities

• 10 Reflections and Learnings From My Transformative First Year and a Half at Cisco

• Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766

• Corero CORE turns isolated security events into actionable intelligence

• Akamai strenghtens protection against account abuse

• Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

• A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

• Suspicious Social Media Accounts Deployed Ahead of COP29

• White House Finalises China Tech Investment Curbs

• QR Codes Enable New Enterprise Phishing Threat

• How to configure and customize Kali Linux settings

• Law Enforcement Deanonymizes Tor Users

• July 2024 Cyber Attacks Statistics

• Spooky Spam, Scary Scams: Halloween Threats Rise

• What’s New with the TSA’s Oil and Gas Security Directives?

• CIS Control 15: Service Provider Management

• Merde! Macron’s bodyguards reveal his location by sharing Strava data

• Latest Funding Round Values Start-Up Sierra AI At $4.5bn

• Toyota, NTT Invest $3bn In Autonomous Driving

• Chinese Hackers Scanning Canadian IT Systems for Vulnerabilities

• Lumma/Amadey: fake CAPTCHAs want to know if you’re human

• How to Improve the Security of AI-Assisted Software Development

• Patching problems: The “return” of a Windows Themes spoofing vulnerability

• Canada Says Chinese Reconnaissance Scans Targeting Government Organizations

• Five Eyes Agencies Launch Startup Security Initiative

• Intel Invests $300m To Expand China Chip Processing Plant

• Apple Rolls Out First iPhone AI Features In Software Update

• SMB Force-Authentication Vulnerability Impacts All OPA Versions For Windows

• Apple Patches Over 70 Vulnerabilities Across iOS, macOS, Other Products

• October Cybersecurity Awareness Month: Ensuring Data Security and Compliance is an Ongoing Concern

• PIXM protects MSPs from credential theft and phishing attacks

• ICO: 55% of UK Adults Have Had Data Lost or Stolen

• ClickFix Malware Infect Website Visitors Via Hacked WordPress Websites

• Hardcoded Creds in Popular Apps Put Millions of Android and iOS Users at Risk

• Latrodectus Employs New anti-Debugging And Sandbox Evasion Techniques

• Nadella’s Microsoft Pay Jumps 63 Percent In Spite Of Incentive Cut

• New ChatGPT-4o Jailbreak Technique Enabling to Write Exploit Codes

• Five Eyes nations tell tech startups to take infosec seriously. Again

• Russia-linked espionage group UNC5812 targets Ukraine’s military with malware

• U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

• 49% of Enterprises Fail to Identify SaaS Vulnerabilities

• RedLine and Meta infostealer takedown, Russian-backed malware, French telecom breach

• Apple iPhone Users Urged to Upgrade to iOS 18.1 for Enhanced Security

• Understanding Cloud Identity Security (CIS)

• Nintendo Warns of Phishing Attack Mimics Company Email Address

• Innovator Spotlight: Cloud Range

• Wanted. Top infosec pros willing to defend Britain on shabby salaries

• New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

• Inside console security: How innovations shape future hardware protection

• Cybersecurity jobs available right now: October 29, 2024

• OT PCAP Analyzer: Free PCAP analysis tool

• Cyware and ECS Partner to Enhance Government Cybersecurity with Advanced Threat Intel Exchange

• Malicious npm Packages Found to Distribute BeaverTail Malware

• The state of password security in 2024

• Combatting Human Error: How to Safeguard Your Business Against Costly Data Breaches

• Trust and risk in the AI era

• Armis Raises $200M at $4.2B Valuation, Eyes IPO

• ISC Stormcast For Tuesday, October 29th, 2024 https://isc.sans.edu/podcastdetail/9200, (Tue, Oct 29th)

• 2024 Startup Battlefield Top 20 Finalists: DGLegacy

• IT Security News Daily Summary 2024-10-28

• Adding threat detection to custom authentication flow with Amazon Cognito advanced security features

• Vulnerability Recap 10/28/24 – Phishing, DoS, RCE & a Zero-Day

• France’s second-largest telecoms provider Free suffered a cyber attack

• The SaaS Governance Gap | Grip Security

• Exploring AAA and TACACS Configuration with Cisco Modeling Labs

• Apple Updates Everything, (Mon, Oct 28th)

• How to identify and prevent insecure output handling

• Top 10 Governance, Risk & Compliance (GRC) Tools

• Leading through learning with Cisco 360 Partner Program

• JPMorgan Chase sues scammers following viral ‘infinite money glitch’

• Spring 2024 PCI DSS and 3DS compliance packages available now

• Apple Launches ‘Apple Intelligence’ and Offers $1M Bug Bounty for Security

• The most secure browser on the web just got a major update – what’s new

• Feds investigate China’s Salt Typhoon amid campaign phone hacks

• INE Launches Initiative to Optimize Year-End Training Budgets with Enhanced Cybersecurity and Networking Programs

• India’s New SMS Traceability Rules to Combat Fraud Begin November 1, 2024

• Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

• Check Point Software Celebrates Irish Partner Success

• Russian Court Jails Four REvil Ransomware Gang Members

• What is authentication, authorization and accounting (AAA)?

• Wiz CEO says company was targeted with deepfake attack that used his voice

• Wiz CEO explains why he turned down a $23 billion deal

• Cop Companies Want All Your Data and Other Takeaways from This Year’s IACP Conference

• Data Masking Challenges: Overcoming Complexities in Multi-Database Environments

• NTT Data Taps Palo Alto Networks for MXDR Service

• The Evolution of Phishing Emails: From Simple Scams to Sophisticated Cyber Threats

• Insider threat hunting best practices and tools

• Delta sues CrowdStrike over IT outage fallout

• How a CISO Should Brief the Board of Directors

• DEF CON 32 – AppSec Village – Transforming AppSec Protecting ‘Everything as Code

• DEF CON 32 – AppSec Village – 0 0 0 0 Day Exploiting Localhost APIs From The Browser

• Randall Munroe’s XKCD ‘Sandwich Helix’

• Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

• How to implement trusted identity propagation for applications protected by Amazon Cognito

• NEW Qilin Ransomware Variant Emerges with Improved Evasion Techniques

• Embargo Ransomware Uses Custom Rust-Based Tools for Advanced Defense Evasion

• UnitedHealth Claims Data of 100 Million Siphoned in Change Healthcare Breach

• Evasive Panda’s CloudScout Toolset Targets Taiwan

• Black Basta operators phish employees via Microsoft Teams

• Types of cybersecurity controls and how to place them

• Criminals Are Blowing up ATMs in Germany

• New Type of Job Scam Targets Financially Vulnerable Populations

• Educated people becoming prime targets to Cyber Frauds

• Advanced CI/CD Pipeline Optimization Techniques Using GitHub Actions

• Europol warns about counterfeit goods and the criminals behind them

• Brazen crims selling stolen credit cards on Meta’s Threads

• Google Invests in Alternative Neutral Atom Quantum Technology

• Vulnerability Summary for the Week of October 21, 2024

• BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

• Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

• Russian Malware Campaign Targets Ukrainian Recruits Via Telegram

• You’re Invited: Rampant Phishing Abuses Eventbrite

• Strengthening Cyber Preparedness through Collaborative Efforts

• Google: Russia Targeting Ukrainian Military Recruits With Android, Windows Malware

• Armis raises $200 million to fuel growth strategy

• Using AUTHID Parameter in Oracle PL/SQL

• A crime ring compromised Italian state databases reselling stolen info

• EU to Apple: “Let Users Choose Their Software”; Apple: “Nah”

• Bad Bots: 6 Common Bot Attacks and Why They Happen

• CrowdStrike outage explained: What caused it and what’s next

• Police operation claims takedown of prolific Redline and Meta password stealers

• Delta officially launches lawyers at $500M CrowdStrike problem

• How To Find & Delete Specific Emails in Gmail using Cloud Monitor by ManagedMethods

• Energy Sector Faces Heightened Supply Chain Risks Amid Growing Dependence on IT and Software Vendors

• Police hacks, disrupts Redline, Meta infostealer operations

• Filigran Secures $35M Investment to Disrupt Threat Intel

• Entrust helps banks fight fraud during account opening

• Cybercriminals Pose a Greater Threat of Disruptive US Election Hacks Than Russia or China

• Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives

• 2024 Cloud Security Report Trend Micro

• Protecting university students with robust network solutions

• TeamTNT Exploits 16 Million IPs in Malware Attack on Docker Clusters

• 2025 Cyber Security Predictions – The Rise of AI-Driven Attacks, Quantum Threats, and Social Media Exploitation

• Abstract Security Raises $15 Million in Series A Funding

• THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 – Oct 27)

• Dutch cops pwn the Redline and Meta infostealers, leak ‘VIP’ aliases

• Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

• ExtremeCloud Universal ZTNA enhancements boost visibility and security

• CISA Launches #PROTECT2024 Election Threat Updates Webpage

• China Hackers Targeted Harris, Trump, Vance Phones

• Norwegian Investor Dumps Palantir Over AI Surveillance

• Microsoft Brings Call Of Duty To Game Pass In Major Bet

• Vulnerabilities in Realtek SD Card Reader Driver Impacts Dell, Lenovo, & Others Laptops

• AP Sources: Chinese Hackers Targeted Phones of Trump, Vance, People Associated With Harris Campaign

• PwC Survey Surfaces Lack of Focus on Cyber Resiliency

• Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes

• Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials

• Four REvil Ransomware Group Members Sentenced to Prison in Russia

• Jumio Liveness detects various sophisticated spoofing attacks

• Trending Cybersecurity News Headlines on Google

• Key Cybersecurity Trends Every CISO Should be well aware off

• Nvidia Surpasses Apple As World’s Most Valuable Company

• Meta Adds Reuters Content To AI Chatbot

• Why Security Configuration Management (SCM) Matters

• 5 Things to Learn About COBIT

• Hiring Kit: Computer Forensic Analyst

• Is Firefox Password Manager Secure?

• Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own Ireland

• A week in security (October 21 – October 27)

• TSMC Arizona Chip Plant Yields 4 Percent Higher Than Taiwan

• Huawei Begins Staffing Massive New Research Campus

• AI-Powered BEC Scams Zero in on Manufacturers

• Black Basta affiliates used Microsoft Teams in recent attacks

• Delta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled Flights

• Shein Profits Drop 70 Percent

• Silicon In Focus Podcast: A New Age of Cyberculture?

• Internet Archive Hacked, Introducing The AI Toilet Camera

• Filigran raises $35 million to drive global expansion

• Integrating Password Managers with Other Tools

• Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials, (Mon, Oct 28th)

• Critical WhatsUp Gold Authentication Flaw Exposes Organizations to Cyber Attack

• Industry Moves for the week of October 28, 2024 – SecurityWeek

• Cyber Guru Raises $25 Million for Training Platform

• Historic Change Healthcare breach, Telcom hacks investigation, Delta sues CrowdStrike

• Filigran secures $35M for its cybersecurity threat management suite

• Apple Offers 1 Million Dollar Bug Bounty For It’s Apple Intelligence Services: Cyber Security Today for Monday, October 28, 2024

• WordPress forces user conf organizers to share social media credentials, arousing suspicions

• A good cyber leader prioritizes the greater good

• Four Evil Ransomware Operators Sentenced For Hacking Enterprises

• How isolation technologies are shaping the future of Kubernetes security

• Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

• Fraudsters revive old tactics mixed with modern technology

• Cloud Security Essentials

• Enhancing Email Security: The Pivotal Role of AI in Defending Against Evolving Cyber Threats

• Adversarial groups adapt to exploit systems in new ways

• Top 10 strategic technology trends shaping the future of business

• Antivirus Software

• ISC Stormcast For Monday, October 28th, 2024 https://isc.sans.edu/podcastdetail/9198, (Mon, Oct 28th)

• Inside the Open Directory of the “You Dun” Threat Group

Generated on 2024-10-29 23:55:06.520549