IT Security News Daily Summary 2024-11-12

• WordPress Database Scanning For Malware Released in Wordfence CLI 5.0.1

• Microsoft’s November Patch Tuesday Fixes 91 Vulnerabilities, 4 Zero-Days

• Microsoft Patch Tuesday, November 2024 Edition

• Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

• Here’s what we know about the suspected Snowflake data extortionists

• Pentagon Secrets Leaker Jack Teixeira Sentenced to 15 Years in Prison by a Federal Judge

• Discover duplicate AWS Config rules for streamlined compliance

• Qwen2.5-Coder just changed the game for AI programming—and it’s free

• Signal offers an encrypted alternative to Zoom – see how it works

• Scaling Global Protection: DataDome Expands to Over 30 Points of Presence (PoP) Worldwide

• Context is King: Using API Sessions for Security Context

• Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

• Data Vigilante Leaks 8 Million Employee Records from Amazon, HP and Others

• Singapore wants police to stop stubborn victims from sending money to scammers

• Norton vs McAfee: Compare Antivirus Software 2025

• Ivanti Releases Security Updates for Multiple Products

• OpenSSL in Red Hat Enterprise Linux 10: From engines to providers

• ‘Cybersecurity issue’ at Food Lion parent blamed for US grocery mayhem

• Microsoft Confirms Zero-Day Exploitation of Task Scheduler Flaw

• Microsoft November 2024 Patch Tuesday, (Tue, Nov 12th)

• Get NordVPN free for three months with this early Black Friday deal

• Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator

• Protecting Critical Infrastructure: A Collaborative Approach to Security for ICS, OT, and IIoT

• ARMO selected by Orange Business to Secure its Managed Kubernetes Services

• Explore Tidal Cyber with our Demo Video Library

• Is the latest book on “Pentesting APIs” any good?

• Critical Security Flaw in SEIKO EPSON Devices Allows Unauthorized Access

• Toward greater transparency: Publishing machine-readable CSAF files

• Hamas-linked Threat Group Expands Espionage and Destructive Operations

• Snowflake hackers identified and charged with stealing 50 billion AT&T records

• Exceptional User Experience — Every Application, Every Transaction

• How to Prevent Phishing Attacks

• Citrix Releases Security Updates for NetScaler and Citrix Session Recording

• A cyberattack on payment systems blocked cards readers across stores and gas stations in Israel

• Expert Insight: The digital pandemic: How cyber threats are threatening life as we know it

• HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code

• Vulnerability Summary for the Week of November 4, 2024

• TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware

• UK Senior Citizens should be cautious with SMS Scams for winter heating pay

• Microsoft blocked your Windows 11 upgrade? This trusty tool can (probably) fix that

• CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities

• CISA Releases Five Industrial Control Systems Advisories

• Hitachi Energy TRO600

• Rockwell Automation FactoryTalk View ME

• 2023 Top Routinely Exploited Vulnerabilities

• Managing third-party risks in complex IT environments

• North Korean Hackers Employ macOS Malware to Target Crypto Firms

• Global Companies Targeted by “CopyR(ight)hadamantys” Phishing Scam Using Advanced Infostealer Malware

• New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

• New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

• Phishing Tool GoIssue Targets Developers on GitHub

• Important Update: IP Address Change for VirusTotal

• Bitdefender vs. Malwarebytes: Which antivirus is best?

• Top 5 Google Authenticator Alternatives in 2024

• SIEM vs. SOAR vs. XDR: Evaluate the key differences

• GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains

• Druva empowers businesses to secure data throughout Microsoft environments

• Akamai App Platform reduces the complexity associated with managing Kubernetes clusters

• BlackFog platform enhancements boost data loss prevention

• CISOs Turn to Indemnity Insurance as Breach Pressure Mounts

• Man Gets 25 Years for Online Dating Hostage Scams Targeting Americans

• New GitLoker-Linked GoIssue Tool Targets GitHub Users for Phishing

• 6 Principles of Operational Technology Cybersecurity released by joint NSA initiative

• Amazon confirms employee data exposed in leak linked to MOVEit vulnerability

• Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford

• GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

• 5 Best Vendor Risk Management Solutions

• Insurance Firm Introduces Liability Coverage for CISOs

• Hot Topic breach: Has your credit card info been compromised?

• F5 AI Gateway secures and optimizes access to AI applications

• North Korean Hackers Target macOS Using Flutter-Embedded Malware

• New Citrix Zero-Day Vulnerability Allows Remote Code Execution

• Bitwarden vs. 1Password: Which password manager is best?

• Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

• Criminals Exploiting FBI Emergency Data Requests

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Embracing Proactive Fraud Management with Real-Time Orchestration

• DNA testing company vanishes along with its customers’ genetic data

• Form I-9 Compliance Data Breach Impacts Over 190,000 People

• Supreme Court Weighs Shareholder Lawsuit Against Meta Over Data Disclosure

• Zscaler Zero Trust Segmentation prevents lateral movement from ransomware attacks

• North Korea Hackers Leverage Flutter to Deliver macOS Malware

• Japan To Invest $65bn In Chip Industry

• Huawei Asks Judge To Dismiss Charges In US Federal Case

• The Real Problem With Banning Masks at Protests

• The WIRED Guide to Protecting Yourself From Government Surveillance

• Ymir ransomware, a new stealthy ransomware grow in the wild

• Top 10 Flexera Competitors and Alternatives for Patch Management

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Amazon Employee Data Leaked by Hacker

• Eurotech ReliaGATE 15A-14 enables organizations to meet regulatory standards

• Immersive Labs AI Scenario Generator improves cyber skills against various attack types

• 5 Ways Behavioral Analytics is Revolutionizing Incident Response

• ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI

• FTX Sues Binance Over Alleged $1.8bn Fraud

• IT Security Terms: Regulations, Standards, Controls, Frameworks, and Policies – Where to Start!?

• Winter Fuel Payment Scam Targets UK Citizens Via SMS

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Massive troves of Amazon, HSBC employee data leaked

• Australian States Support Social Media Ban For Under-16s

• Amazon Developing Smart Glasses For Delivery Drivers

• VMware Workstation & Fusion Now Available for Free to All Users

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• New iOS Security Feature Reboots Devices to Protect User Data: Reports

• Browser Warning: Fake Websites Steal Millions from Users

• Energy Giant Halliburton Reveals $35m Ransomware Loss

• Rising Threat of Malware and DDoS Attacks on Government Organizations

• US Orders TSMC To Halt AI Chip Sales To China

• Dell Enterprise SONiC Flaw Let Attackers Hijack the System

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Halliburton cyberattack costs, Israel credit card DDoS, Forth announces breach

• New Wave of Phishing Attacks Exploits Microsoft Visio Files for Two-Step Credential Theft

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Fraudsters Abuse DocuSign API for Legit-Looking Invoices

• DoD Zero Trust Strategy proves security benchmark years ahead of schedule with Microsoft collaboration

• New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

• Apple iPhone inactivity reboot data security feature and Amazon data breach 2024

• The Growing Threat of Ransomware in 2024: What You Need to Know

• Best Practices in Penetration Testing: Ensuring Robust Security

• 5 Identity Theft Challenges Every Business Needs to Tackle

• Amazon Confirms Employee Data Breach Via Third-party Vendor

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• 2025 Global State of API Security Report – New Data Shows API Breaches Continue to Rise Due to Fraud, Bot Attacks, and GenAI Risks

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Veeam RCE Bug Now a Target for Frag Ransomware Operators

• Powerpipe: Open-source dashboards for DevOps

• Evaluating your organization’s application risk management journey

• The changing face of identity security

• New Phishing Campaign Delivers Advanced Remcos RAT Variant

• Six Questions to Ask Your Would-Be SIEM Provider

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Cybersecurity jobs available right now: November 12, 2024

• 10 Best DNS Management Tools – 2025

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• The Ultimate Guide to the CGRC

• Ambitious cybersecurity regulations leave companies in compliance chaos

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• ISC Stormcast For Tuesday, November 12th, 2024 https://isc.sans.edu/podcastdetail/9218, (Tue, Nov 12th)

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Amazon discloses employee data breach after May 2023 MOVEit attacks

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• IT Security News Daily Summary 2024-11-11

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Google DeepMind open-sources AlphaFold 3, ushering in a new era for drug discovery and molecular biology

• Avast SecureLine VPN Review 2024: Is It a Good VPN for You?

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• 6 Things to Know About Improving Threat Intelligence Collection

• The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance

• Google Cloud To Implement MFA as a Mandatory Feature

• NordVPN maker’s new identity theft protection service will reimburse you

• Amazon confirms employee data stolen after hacker claims MOVEit breach

• DEF CON 32 – Reverse Engineering MicroPython Frozen Modules

• Canada Remembrance Day 2024 / Jour du Souvenir du Canada 2024

• Bitcoin Rises Above $84,000 On US Election Optimism

• New Remcos RAT Variant Targets Windows Users Via Phishing

• WEF Introduces Framework to Strengthen Anti-Cybercrime Partnerships

• Microsoft Bookings Flaw Enables Account Hijacking and Impersonation

• 600 Million Daily Cyberattacks: Microsoft Warns of Escalating Risks in 2024

• Hacker Claims to Publish Nokia Source Code

• Cyberattack Impacts Georgia Hospital, Colorado Pathology Services

• How to Prevent a Ransomware Attack and Secure Your Business

• Robust Intelligence, Now Part of Cisco, Recognized as a 2024 Gartner® Cool Vendor™ for AI Security

• Fortinet Training Institute Expands Cyber Education Opportunities for Veterans

• FBI issues warning as crooks ramp up emergency data request scams

• Microsoft Visio Files Used in Sophisticated Phishing Attacks

• Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

• Cyber Threat by Google searching Bengal Cats legal in Australia

• A new fileless variant of Remcos RAT observed in the wild

• Meta1st embraces AI for new approach to Human Risk Management

• Exclusive: Northflank scores $22.3 million to make cloud infrastructure less of a nightmare for developers

• This mysterious iPhone upgrade protects your data from thieves

• FBI Warns US Organizations of Fake Emergency Data Requests Made by Cybercriminals

• Maximize your cloud security experience at AWS re:Invent 2024: A comprehensive guide to security sessions

• Bitcoin Fog Operator Gets 12.5 Years for Longest-Running Bitcoin Laundering

• AI’s math problem: FrontierMath benchmark shows how far technology still has to go

• Black Duck Appoints Industry Veteran Sean Forkan as Chief Revenue Officer to Drive Global Sales and Accelerate Growth

• Cyberattack Cost Oil Giant Halliburton $35 Million

• Honoring One Year of Check Point’s U.S. Military, Veterans, and Allies ERG: Our Ongoing Dedication to Supporting Veterans

• October 2024’s Most Wanted Malware: Infostealers Surge as Cyber Criminals Leverage Innovative Attack Vectors

• Robust Intelligence, Now Part of Cisco, Recognized as a 2024 Gartner® Cool Vendor™ for AI Security

• DNS Security Strategies: Protecting Against Ransomware, Botnets, And Data Theft

• Dark web crypto laundering kingpin sentenced to 12.5 years in prison

• Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People

• CISA Urges Patching of Critical Palo Alto Networks’ Expedition Tool Vulnerability

• Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands

• The Top 9 Cyber Risk Management Trends in 2025 | Kovrr

• The Urgent Call: How a Phishing Email Pushed Buckeye Elementary to Strengthen Cyber Defenses

• THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 – Nov 10)

• EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise

• Law Firm Data Breach Impacts 300,000 Presbyterian Healthcare Patients

• The ROI of Security Investments: How Cybersecurity Leaders Prove It

• US Takes Chip Equipment Makers To Task Over China Sales

• Regulator Demands Answers Over Tesla FSD Social Media Posts

• Many Legacy D-Link NAS Devices Exposed to Remote Attacks via Critical Flaw

• MY TAKE: Technology breakthroughs, emerging standards are coalescing to assure IoT integrity

• Three trending Cybersecurity news headlines on Google

• What is Machine Identity Management?

• Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

• New Android Malware SpyAgent Taking Screenshots Of User’s Devices

• The AI Machine Gun of the Future Is Already Here

• What Is a Privileged Access Workstation?

• HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

• Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

• TSMC Suspends Advanced Chip Orders For China Customers

• China’s SMIC Benefits From AI Chip Boom In Spite Of Sanctions

• Judge Dismisses Personal Claims Against Meta’s Zuckerberg

• ASML IT Outage Disrupts Worldwide Operations

• Nvidia Market Value Surges Above $3.6tn

• Creating a Real-Time USB Monitoring Rule for Enhanced Security and Compliance

• Ymir: new stealthy ransomware in the wild

• Pensioners Warned Over Winter Fuel Payment Scam Texts

• Phishing by Design: Two-Step Attacks Using Microsoft Visio Files

• An Ultimate Guide to Exchange Server Database Recovery

• Industry Moves for the week of November 11, 2024 – SecurityWeek

• Palo Alto Networks Addresses Remote Code Execution Vulnerability Claims

• Trend Micro and Japanese Partners Reveal Hidden Connections Among SEO Malware Operations

• Hot Topic – 56,904,909 breached accounts

• Man Gets 12.5 Years for Running Bitcoin Fog Crypto Mixer

• Mysterious iPhone Reboots Frustrate Law Enforcement: Cyber Security Today for Monday, November 11, 2024

• Honoring service: Cisco’s commitment to veterans

• A week in security (November 4 – November 10)

• PDF Object Streams, (Mon, Nov 11th)

• Third-Party Risk Management: The Top 7 Predictions for 2025

• A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine

• Regulator limits phone use, Hacked police emails, UK seniors scammed

• How to Speed Up Your Computer with Antivirus

• Metasploit Framework Released with New Features

• Threat Actors Allegedly Claim Leak of 489 Million Lines of Instagram Data

• Malicious PyPI Package Steals AWS Credentials

• Advanced Persistent Teenagers, Okta Bug Allowed Logins Without a Correct Password

• Detect and Destroy APTs with Crystal Eye TDIR

• Threat Actors Allegedly Claim Leak of Harley-Davidson Database

• November 2024 Patch Tuesday forecast: New servers arrive early

• Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware

• Strategies for CISOs navigating hybrid and multi-cloud security

• 4 reasons why veterans thrive as cybersecurity professionals

• How human ingenuity continues to outpace automated security tools

• Setting a security standard: From vulnerability to exposure management

• Alleged Snowflake attacker gets busted by Canadians – politely, we assume

• 
zipdump & PKZIP Records, (Sun, Nov 10th)

• ISC Stormcast For Monday, November 11th, 2024 https://isc.sans.edu/podcastdetail/9216, (Mon, Nov 11th)

• The Importance of Effective Incident Response

Generated on 2024-11-12 23:55:04.687275