IT Security News Weekly Summary – Week 14

• IT Security News Daily Summary 2024-04-07

• A Breakthrough Online Privacy Proposal Hits Congress

• Conn. CISO Raises Security Concerns Over BadGPT, FraudGPT

• Privnote Secure Messaging App Is Under Phishing Threat

• US Environmental Protection Agency Allegedly Hacked, 8.5M User Data Leaked

• The Growing Threat of Remote Desktop Protocol (RDP) Attacks

• 60% of small businesses are concerned about cybersecurity threats

• Birmingham City Computers Breached by Hackers, Mayor Confirms

• The Case Study: The Exploitation of Mechatronics Systems

• Data Brokers are Preparing to Challenge Privacy Legislation

• Facebook Overhauls Confusing Censorship Policy For AI Videos

• LayerSlider Plugin Imperils 1 Million WordPress Sites, Urgent Fixes Mandated!

• Fund Manager Outlines Digital Data as Rising Asset Class

• Strengthening Financial Services: Embracing the Digital Operational Resilience Act (DORA) for Cybersecurity Resilience

• 9 Best Practices for Using AWS Access Analyzer

• Over 92,000 Internet-facing D-Link NAS devices can be easily hacked

• Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise

• Enterprise AI Security Firm TrojAI Raises $5.75M in Seed Funding

• Safeguard Your Data and Financial Future This Tax Season

• IT Security News Daily Summary 2024-04-06

• US Cancer Patient Data Breach Affected 800000 Patients Records

• Insights into Recent Malware Attacks: Key Learnings and Prevention Strategies

• AI Developed to Detect Invasive Asian Hornets

• More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

• Bing Ad Posing as NordVPN Aims to Propagate SecTopRAT Malware

• Controversial Reverse Searches Spark Legal Debate

• What can be done to protect open source devs from next xz backdoor drama?

• Price of zero-day exploits rises as companies harden products against hackers

• Alejandro Caceres: The Vigilante Hacker Who Took Down North Korea’s Internet

• Best Privacy Browsers (2024): Brave, Safari, Ghostery, Firefox, DuckDuckGo

• Speaking Cyber-Truth: The CISO’s Critical Role in Influencing Reluctant Leadership

• Browsing in Incognito Mode Doesn’t Protect You as Much as You Might Think

• House to Take up Bill to Reauthorize Crucial US Spy Program as Expiration Date Looms

• Unveiling the XZ Utils Backdoor: A Wake-Up Call for Linux Security

• Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

• Identity Thief Lived as a Different Man for 33 Years

• Cisco warns of XSS flaw in end-of-life small business routers

• Ransomware Attack Via Unpatched Vulnerabilities Are Brutal: New Survey

• Apricorn Returns to Compete in 2024 ‘ASTORS’ Homeland Security Awards

• 57,000 Kaspersky Fan Club Forum User Data Leaked in Hosting Breach

• Eclipse joins with industry groups to secure open source

• It’s Time to Update Your Network Assurance Skills

• Vulnerabilities Exposed Hugging Face to AI Supply Chain Attacks

• IT Security News Daily Summary 2024-04-05

• Magento flaw exploited to deploy persistent backdoor hidden in XML

• Friday Squid Blogging: SqUID Bots

• Salt Security Applies Generative AI to API Security

• Anyscale addresses critical vulnerability on Ray framework — but thousands were still exposed

• Beware the Blur: Phishing Scam Drops Byakugan Malware via Fake PDF

• U.K. and U.S. Agree to Collaborate on the Development of Safety Tests for AI Models

• 6 Top Open-Source Vulnerability Scanners & Tools

• Retail Tech Deep-Dive: CAE Labs

• What Lies Ahead for Cybersecurity in the Era of Generative AI?

• “Infrastructures of Control”: Q&A with the Geographers Behind University of Arizona’s Border Surveillance Photo Exhibition

• This backdoor almost infected Linux everywhere: The XZ Utils close call

• Cookie consent choices are just being ignored by some websites

• Cyber Security Today, Week in Review for week ending Friday, April 5, 2024

• The Tech Needed to Survive This Decade’s ‘Seismic’ APAC B2B Trends

• 3 healthcare organizations that are building cyber resilience

• Heightened Hacking Activity Prompts Social Media Security Warning

• Ontario Hospitals Dispatch 326,000 Letters to Patients Affected by Cyberattack Data Breach

• 5 ways to strengthen healthcare cybersecurity

• Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads

• Ivanti CEO Pledges To Fundamentally Transform Its Hard-Hit Security Model

• Cisco Warns Of Vulnerability In Discontinued Small Business Routers

• Acuity Responds To US Government Data Theft Claims

• Israel’s Justice Ministry Reviewing Cyber Incident After Hacktivists Claim Breach

• 9 top cloud storage security issues and how to contain them

• Ivanti CEO Promises Stronger Security After a Year of Flaws

• FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair?

• GAM3S.GG and Immutable Announce Partnership for Web3 Gaming Expansion

• How your business should deal with negative feedback on social media

• Government Communications: The Threats

• SASE and Zero Trust: A Powerful Combination

• Rise of Hacktivist Groups Targeting OT Systems

• Software supply chain attacks are escalating at an alarming rate

• Hoya suffers a suspected ransomware attack

• AI To Reduce Worker Numbers, Staffing Firm Adecco Warns

• Cisco Warns of Vulnerability in Discontinued Small Business Routers

• Prudential Financial Notifies 36,000 Victims of Data Leak

• $657 Bounty Awarded for Arbitrary File Upload Patched in WEmanage App Worker WordPress Plugin

• Elon Musk’s X Offers Free Blue Checks, Free Subscriptions

• Mastering Skills with Play: The Fusion of Gaming and Learning in Black Belt Gamification

• US government excoriates Microsoft for ‘avoidable errors’ but keeps paying for its products

• Tech Companies Want to Build Artificial General Intelligence. But Who Decides When AGI is Attained?

• CISA Unveils Critical Infrastructure Reporting Rule

• Sensitive Documents Vanish Under Mysterious Circumstances from Europol Headquarters

• Malware Targets End-of-Life Routers and IoT Devices

• AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

• Alleged Home Depot Data Breach: IntelBroker Leaks 22,000 Employee Data

• #MIWIC2024: Nikki Webb, Global Channel Manager at Custodian360

• Proactive and Reactive Ransomware Protection Strategies

• Themes From (And Beyond) Altitude Cyber’s 2023 Cybersecurity Year In Review

• Mapping Your Path to Passwordless

• CyberTowns Initiative Aims to Spotlight Canada’s Top Locations for Cybersecurity Careers

• Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities

• 10M+ Downloaded Dating App Discloses User’s Exact Location

• Protecting the weakest link: how human errors can put a company in risk

• Federal Court Dimisses X’s Anti-Speech Lawsuit Against Watchdog

• NIST Grants $3.6 Million to Boost US Cybersecurity Workforce

• In Other News: 100,000 Affected by CISA Breach, Microsoft AI Copilot Ban, Nuclear Site Prosecution

• LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

• YubiKey Manager Privilege Escalation Let Attacker Perform Admin Functions

• Heimdal® Joins Internet Watch Foundation to Fight Child Sexual Abuse Imagery

• Hotel check-in terminal bug spews out access codes for guest rooms

• Cyber Security Today, April 5, 2024 – New ransomware gang claims 11 victims, Ivanti promises to overhaul product security, and more

• Apple Axes 600 Staff In First Layoffs Since Pandemic

• Microsoft’s Priva Platform: Revolutionizing Enterprise Data Privacy and Compliance

• Defending Against IoT Ransomware Attacks in a Zero-Trust World

• Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft

• Oxycorat Android RAT Spotted on Dark Web Stealing Wi-Fi Passwords

• Get an Extra 20% Off a Lifetime of Powerful VPN Protection Through 4/7

• Microsoft AI-Driven Security Tool Copilot for Security is Now GA

• Hackers Hijack Facebook Pages to Mimic AI Brands & Inject Malware

• Lens Maker Hoya Scrambling to Restore Systems Following Cyberattack

• Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info

• Magento Vulnerability Exploited to Deploy Persistent Backdoor

• Cybersecurity Firms Raised $2.3 Billion in Q1 2024: Report

• Atlassian Flaws Fixes: Critical Bamboo Patch Mitigates Risk

• Expert Insights on IoT Security Challenges in 2024

• CISO Perspectives on Complying with Cybersecurity Regulations

• Red Hat issues “urgent security alert” following attack on XZ Utils compression library

• Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed

• Stream.Security Releases Suite of Next-Gen Features

• Cyberattack disrupted services at Omni Hotels & Resorts

• From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware

• China Using AI-Generated Content to Sow Division in US, Microsoft Finds

• From EDR to XDR: Detailed Walkthrough

• Powerhost’s ESXi Servers Encrypted with New SEXi Ransomware

• Critical Progress Flowmon Vulnerability Let Attackers Inject Malicious Code

• 1.3 Million Customers Affected: Pandabuy Grapples with Data Breach Fallout

• Trellix ZTS enables organizations to strengthen cyber resilience

• Keep Your Tech Flame Alive: Akamai Trailblazer Alex Virley

• Exploring Advanced Tripwire Enterprise Capabilities

• Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

• New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

• Multiple Ivanti Connect Secure Flaw Let Attackers Execute Remote Code

• Winnti Hackers’ New UNAPIMON Tool Hijacks DLL And Unhook API Calls

• Bing Ads Exploited by Hackers to Spread SecTopRAT Through NordVPN Mimic

• Face-to-Face 2024 Australia

• FBI shares some valuable insights on ransomware

• Seven tips to find spyware on a smart phone

• Impact of IoT Security for 5G Technology

• Academics probe Apple’s privacy settings and get lost and confused

• AI Package Hallucination – Hackers Abusing ChatGPT, Gemini to Spread Malware

• Security pros are cautiously optimistic about AI

• Cybercriminal adoption of browser fingerprinting

• Feds Patching Years-Old SS7 Vulnerability in Phone Networks

• 22% of employees admit to breaching company rules with GenAI

• HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks

• New infosec products of the week: April 5, 2024

• How manual access reviews might be weakening your defenses

• Incident Response Orchestration: Streamlining Incident Handling

• Cybersecurity for Nonprofits: Protecting Mission-Critical Data

• ISC Stormcast For Friday, April 5th, 2024 https://isc.sans.edu/podcastdetail/8926, (Fri, Apr 5th)

• HTTP/2 CONTINUATION Flood Vulnerability

• World’s second-largest eyeglass lens-maker blinded by infosec incident

• Feds probe alleged classified US govt data theft and leak

• Smart SOAR’s Innovative Approach to Error-Handling Explained

• Web3 Security Specialist Hypernative To Provide Proactive Protection To The Flare Ecosystem

• DataStax acquires Langflow to accelerate enterprise generative AI app development

• Explore Microsoft’s AI innovations at RSA Conference 2024

• Thought leaders tips to obtain a secure cloud environment

• Facebook AI Tool Accused Of Racial Bias

• IT Security News Daily Summary 2024-04-04

• Google survey: 63% of IT and security pros believe AI will improve corporate cybersecurity

• The Power of AI Assistants and Advanced Threat Detection

• 2024-04-04: Koi Loader/Stealer activity

• Google Patches Pixel Phone Zero-days After Exploitation by

• Ransomware attacks ravaged municipal governments in March

• New Latrodectus Downloader Malware Linked to IcedID and Qbot Creators

• Introducing Confidential Containers Trustee: Attestation Services Solution Overview and Use Cases

• Bing ad for NordVPN leads to SecTopRAT

• Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

• Google Chrome Enlists Emerging DBSC Standard to Fight Cookie Theft

• Infosec professionals praise CSRB report on Microsoft breach

• Mastering MITRE: Enhancing Cybersecurity with Device Log Mapping

• Feds probe massive alleged classified US govt data theft and leak

• Slicing up DoNex with Binary Ninja, (Thu, Apr 4th)

• Wordfence Intelligence Weekly WordPress Vulnerability Report (March 25, 2024 to March 31, 2024)

• There are plenty of ways to improve cybersecurity that don’t involve making workers return to a physical office

• Alphabet Mulls Offer For Marketing Software Firm HubSpot

• OWASP Disclosed Data Breach Affecting Old Members

• Cisco Industrial IoT: Enabling the global acceleration of offshore wind

• Navigating the Multicloud Journey with Cisco’s New Certifications [Infographic]

• The White House is Wrong: Section 702 Needs Drastic Change

• US To Urge Holland To Halt ASML Servicing Tools For China

• OWASP Reveals Data Breach Stemming from Wiki Misconfiguration

• Smishing Surge: Tactics, Threats, and ‘The Com’

• 5 Best Crypto Marketing Agencies for Web3 Security Brands in 2024

• Jackson County hit by ransomware, declares state of emergency

• New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware

• Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

• LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches

• Cyber Attack propelled Electromagnetic Interference targets ships on Iran Coast

• AT&T To Face Lawsuit Following Breach Impacting 73 Million Customers

• AI Deepfakes Rising as Risk for APAC Organisations

• DOD Officially Launches New Cyber Policy Office

• Jackson County IT Systems Hit By Ransomware Attack

• Tesla Shares Dive After EV Shipments Disappoint

• Google Patches Pixel Phone Zero-days After Exploitation by “Forensic Companies”

• Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7

• Hitachi Energy Asset Suite 9

• CISA Releases Two Industrial Control Systems Advisories

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• US cancer center City of Hope: data breach impacted 827149 individuals

• Byakugan – The Malware Behind a Phishing Attack

• A 5-Minute Refresher to Cryptography

• Ivanti commits to secure-by-design overhaul after vulnerability nightmare

• From Promising to Practical: The Transformative Impact of Homomorphic Encryption

• Leadership in the Age of AI: Skills You Need to Succeed

• New JSOutProx Malware Targets Financial Firms in APAC, MENA

• Hackers Hijacked Notepad++ Plugin to Execute Malicious Code

• CISA Joins the Minimum Viable Secure Product Working Group

• Data protection vs. data backup: How are they different?

• Transforming Connectivity: Inside Bush Brothers & Company’s Network Infrastructure Overhaul

• Empowering Partner Success: How 3 Black Female CEOs lead the charge with AACPC

• 1-15 January 2024 Cyber Attacks Timeline

• Fake Lawsuit Threat Exposes Privnote Phishing Sites

• Ivanti Releases Security Update for Ivanti Connect Secure and Policy Secure Gateways

• Israel Used AI To Identify 37,000 Hamas Targets

• WordPress LayerSlide Plugin Bug Risks Password Hash Extraction

• Man Pleads Guilty To Stealing Former Coworker’s Identity For 30 Years

• Cyberattack Causes Disruptions at Omni Hotels

• Omni Hotels suffer prolonged IT outage due to cyberattack

• Taiwan Earthquake Prompts Chip Supply Concerns

• Macs Vulnerable to Info-Stealing Malware via Ads and Fake Software

• NIST awards $3.6 million to address the cybersecurity workforce gap

• Omni hotels hit by a possible ransomware attack

• Exploring the Threat of Data Poisoning in Cybersecurity

• New Red Ransomware Group (Red CryptoApp) Exposes Victims on Wall of Shame

• Mastering The DevOps Toolchain: 10 Essential to Build a DevOps Assembly Line

• Not So Private After All: How Dating Apps Can Reveal Your Exact Location

• US Cancer Center Data Breach Impacting 800,000

• The Five Essentials of Immutable Storage: Why They Matter

• Center Identity Launches Patented Passwordless Authentication for Businesses

• Despite Mounting Cyberattacks, Analysts Uncover The Primary Challenge

• Google’s Incognito Mode: Privacy, Deception, and the Path Forward

• Are YouTube Game Cracks Hiding Malware?

• Ivanti vows to transform its security operating model, reveals new vulnerabilities

• Microsoft reveals how much Windows 10 Extended Security Updates will cost

• Pixel Phone Zero-Days Exploited by Forensic Firms

• SurveyLama Data Breach Impacts 4.4 Million Users

• Cloud Threat Detection Firm Permiso Raises $18 million

• Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems

• CoralRaider targets victims’ data and social media accounts

• 5 Best Password Managers for Android in 2024

• Get a Lifetime of VPN Protection for Just $16

• Meet the new Cisco Catalyst 1200 and 1300 Series Switches for SMBs

• New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

• Considerations for Operational Technology Cybersecurity

• Leicester Council Confirms Confidential Documents Leaked in Ransomware Attack

• Surveillance by the New Microsoft Outlook App

• New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset

• Deepfake Expert Henry Ajder to Keynote Infosecurity Europe 2024 on AI Challenges

• Ransomware gang did steal residents’ confidential data, UK city council admits

• Researchers Observed Visual Studio Code Extensions Stealing Users’ Sensitive Data

• Hosting Provider VMware ESXi Servers Hit by New SEXi Ransomware

• Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

• Microsoft’s Security Chickens Have Come Home to Roost

• Cyber Insurance Reduces Risk: Five Ways to Lower Your Rates

• CMA Begins Phase 2 Probe Of Vodafone Merger With Three UK

• 9 Must-Do Tips to Secure Ubuntu Server

• Avast One Silver allows users to tailor their coverage based upon their personal preferences

• Intel Shares Slide After Foundry Business Posts $7 Billion Loss

• Security vs. Compliance: What’s the Difference?

• Expert Insight: Breaking the glass firewall: Building a cybersecurity sisterhood

• Threat Actor Claims Classified Five Eyes Data Theft

• A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

• When AI attacks

• Firms Must Work Harder to Guard Children’s Privacy, Says UK ICO

• Ivanti fixed for 4 new issues in Connect Secure and Policy Secure

• Gesture Jacking – New Attack That Deceives Website Visitors

• Understanding ISO 27001:2022 Annex A.10 – Cryptography

• Welcome to 2024: A Year in Review with Akamai Hunt

• KeyTrap Highlights Need for Enduring DNS Defenses for Service Providers

• How to Avoid Email Blacklists and Improve Your Deliverability

• Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure

• Jackson County, Missouri, discloses a ransomware attack

• Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview

• Six steps for security and compliance in AI-enabled low-code/no-code development

• Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure

• Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning

• Strengthening defenses against nation-state and for-profit cyber attacks

• Healthcare’s cyber resilience under siege as attacks multiply

• Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents

• 76% of consumers don’t see themselves as cybercrime targets

• ISC Stormcast For Thursday, April 4th, 2024 https://isc.sans.edu/podcastdetail/8924, (Thu, Apr 4th)

• Nearly 1M medical records feared stolen from City of Hope cancer centers

• Broadcast Network Finds Multiple Solutions with Votiro

• 100 kilometers of quantum-encrypted transfer

• Top Signs Your Ad Campaigns Are Being Sabotaged by Bots & How to Stop Them

• Google Fixed Pixel Vulnerabilities CVE-2024-29745 and CVE-2024-29748

• IT Security News Daily Summary 2024-04-03

• Google addressed another Chrome zero-day exploited at Pwn2Own in March

• Smart Traffic Signals Security in the Era of AI and Smart Cars

• Google patches critical vulnerability for Androids with Qualcomm chips

• Want to keep getting Windows 10 updates next year? Here’s what it will cost

• Soft Skills for Cybersecurity Leaders: CISO’s Perspective

• Security Pioneer Ross Anderson Dies At 67

• Microsoft Blamed For A Cascade Of Security Failures In Exchange Breach Report

• ChatGPT Jailbreak Prompts Proliferate On Hacker Forums

• EU Drops Sovereignty Reqs In Cybersecurity Cert Scheme

• Google Chrome gets ‘Device Bound Session Credentials’ to stop cookie theft

• Omni Hotels IT systems down since Friday, hitting bookings, payments, door locks

• Cisco Duo wins Best in KLAS again for the second year in a row

• In Historic Victory for Human Rights in Colombia, Inter-American Court Finds State Agencies Violated Human Rights of Lawyers Defending Activists

• NIST Proposes Public-Private Group to Help with NVD Backlog

• Biden Review Board Gives Microsoft a Big, Fat Raspberry

• Some things you can learn from SSH traffic, (Wed, Apr 3rd)

• Amazon Web Services Lays Off Hundreds Of Staff

• Ostrich Cyber-Risk Announces Partnership with Kyndryl

• Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team

• Musicians, Artists Call For Protection From AI

• The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse

• Indian government issues cyber crime alert in view of job offers

• Know the significance of World Cloud Security Day

• Victoria VR Becomes First Virtual Reality Developer to Integrate OpenAI

• Google Cloud/Cloud Security Alliance Report: IT and Security Pros Are ‘Cautiously Optimistic’ About AI

• Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

• FCC To Vote This Month To Restore Net Neutrality

• Delivering on the vision of a modern grid network that’s secure, simple, and scalable

• #MIWIC2024: Hazel McPherson, CISO at ALD Automotive

• Speaking Freely: Emma Shapiro

• Vulnerability Summary for the Week of March 25, 2024

• Cyber Safety Review Board Report Slams Microsoft Security Failures in Government Email Breach

• Sophos Reveals Ransomware Attacks Are Now Targeting Backups

• Expand your IT and cybersecurity skills with this $28 learning bundle

• RoboForm Review 2024: Is It Right for Your Business?

• IoT Botnets and Infostealers Frequently Target Retail Sector

• U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

• Prudential Financial Notifies 36,000 Individuals of Data Breach

• Celebrating 25 Years of OpenSSL

• Jackson County, Missouri, Closes Offices Because of Ransomware Attack

• Number of Chinese Devices in US Networks Growing Despite Bans

• Google Messages’ Gemini Update: What You Need To Know

• Infostealers Prevalent in Retail Sector Cybercrime Trends

• Elon Musk’s X Names New Head Of Safety

• The best travel VPNs of 2024: Expert tested and reviewed

• A True Trusted Advisor

• Palo Alto Networks 2023 ESG Report — Securing Our Digital Future

• Why your data isn’t as safe as you think and what it could cost you

• On Secure Workload Access and Aembit’s Journey to Innovation Sandbox at RSA Conference 2024

• Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest

• Navalny’s Revenge? Hackers Siphon Huge Russian Prisoner Database: Report

• Protecting Your Digital Identity: Celebrating Identity Management Day

• Google fixed two actively exploited Pixel vulnerabilities

• CVE and NVD – A Weak and Fractured Source of Vulnerability Truth

• Know Your Audience When Speaking to Security Practitioners

• Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

• IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.

• “When can we be together – forever?” A deep dive into emotional scamming

• Empowering Your Team: 5 Ways Internally Marketing Security Policies can Benefit Your Organization

• Authy vs Google Authenticator: Two-Factor Authenticator Comparison

• The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind

• Salt Security Launches AI-Powered Assistant Pepper

• Bridging IT and OT Cybersecurity with AI

• A “cascade” of errors let Chinese hackers into US government inboxes

• New XZ Utils Backdoor Free Scanner to Detect Malicious Executables

• GenAI: The next frontier in AI security threats

• ‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

• Picus Security helps organizations reduce their threat exposure with AI-driven insights

• Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites

• Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack

• Continuous Monitoring and Frameworks: A Web of Security Vigilance

• Picus Security Melds Security Knowledge Graph with Open AI LLM

• NVD’s New Phase, Industry Consortium to Oversee NIST’s Vulnerability Database

• Cyber Slavery: Thousands of Indians Trapped in a Web of Deceit

• Microsoft’s Exchange Server Hack: Key Rotation Flaw Triggers Breach

• Top GenAI Threats – and why Zero Trust AI Access is the Future

• Empowering Your Team: 5 ways internally marketing security policies can benefit your organization

• Google Cloud and CSA: 2024 will bring significant generative AI adoption in cybersecurity, driven by C-suite

• Unlocking the Future of Government Cybersecurity: Insights from CyberScoop’s Zero Trust Summit

• Accelerate the path to PCI DSS 4.0 adoption

• Security pioneer Ross Anderson dies at 67

• Cyber Security Today, April 3, 2024 – New Linux vulnerability is found, and a must-read ransomware case study

• Google bakes new cookie strategy that will leave crooks with a bad taste

• Missouri County Hit by Ransomware

• Microsoft Singled Out In Review Of Chinese Hack Of US Government Emails

• This IT Career Kickstarter Bundle is An Extra 20% Off Through April 7th

• Attack Surface Management vs. Vulnerability Management

• Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

• [Free & Downloadable] Incident Management Policy Template – 2024

• XZ Utils Backdoor Attack Brings Another Similar Incident to Light

• Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own

• UK and US to Build Common Approach on AI Safety

• Samsung To ‘Redefine’ Bixby With Generative AI

• UN? FBI? World Bank? Deepfake police chief used for compensation scam video

• Class-Action Lawsuit against Google’s Incognito Mode

• Google Patches Exploited Pixel Vulnerabilities

• Bitwarden releases magic links API to improve passwordless user authentication

• NVD: NIST is working on longer-term solutions

• RDP Abuse Present in 90% of Ransomware Breaches

• WhatsApp vs. Signal vs. Telegram vs. Facebook: What data do they have about you?

• Mispadu Trojan Targets Europe, Thousands of Credentials Compromised

• Jackson County Missouri Ransomware Attack Impacts IT Systems

• Exploring Access Control Models: Building Secure Systems in Cybersecurity

• Tripwire Patch Priority Index for March 2024

• New Version of the Vultur Android Banking Trojan Spoofs Security App

• Rust memory safety explained

• Owl Talon 3 provides hardware-enforced, one-way data transfers

• YouTube Video Game ‘Hacks’ Contain Malware Links

• Block Ads And Free Up The Internet For An Extra 20% Off

• Customer Story | Content Filter Protects Student Safety, Data Security, and CIPA Compliance At Azusa Unified School District

• TrueMedia.org introduces deepfake detection tool

• Highly sensitive files mysteriously disappeared from EUROPOL headquarters

• Beware of New Mighty Stealer That Takes Webcam Pictures & Capture Cookies

• Meet clickjacking’s slicker cousin, ‘gesture jacking,’ aka ‘cross window forgery’

• DarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over Teams

• USSD Call Forwarding Deactivation: India’s Move to Safeguard Against Cyber Fraud

• Critical Security Flaw Found in Popular LayerSlider WordPress Plugin

• Location tracking and the battle for digital privacy

• How Google plans to make stolen session cookies worthless for attackers

• Cybersecurity jobs available right now: April 3, 2024

• Indian government’s cloud spilled citizens’ personal data online for years

• Microsoft Priva announces new solutions to help modernize your privacy program

• Human risk is the top cyber threat for IT teams

• Cyber attacks on critical infrastructure show advanced tactics and new capabilities

• Microsoft slammed for lax security that led to China’s cyber-raid on Exchange Online

• Microsoft slammed for lax security that led to Exchange Online attack

• ISC Stormcast For Wednesday, April 3rd, 2024 https://isc.sans.edu/podcastdetail/8922, (Wed, Apr 3rd)

• Threat Intelligence Platforms: Leveraging Actionable Insights

• Prioritizing Cyber Risk: Get a leg up with AI

• Our People and Our Growth: Key Drivers of Akamai?s ESG Strategy

• XZ Utils Backdoor ? Everything You Need to Know, and What You Can Do

• Announcing Flow-IPC, an Open-Source Project for Developers to Create Low-Latency Applications

• The Sustainability Team Is Listening. Here?s What We Heard.

• What Is a Heuristic Virus? + How to Remove It

• SurveyLama – 4,426,879 breached accounts

• Feds finally decide to do something about years-old SS7 spy holes in phone networks

• Gomble Games Secures $10M Funding to Advance Ambitious Web3 Gaming Vision

• Vulnerability Exposed Ibis Budget Guest Room Codes to Hackers

• Guide to New CSRD Regulation for Data Center Operators

• Thinking about a Career in Governance, Risk and Compliance? Follow this Path

• How to conduct a data privacy audit, step by step

• Facebook Is Pushing App Store Providers To Be Responsible For Age Verification

• AT&T confirms 73 million people affected by data breach

• IT Security News Daily Summary 2024-04-02

• 3 UK Cyber Security Trends to Watch in 2024

• How to Escape the 3 AM Page as a Kubernetes Site Reliability Engineer

• A Deep Dive on the xz Compromise

• Defending against IoT ransomware attacks in a zero-trust world

• Open source foundations unite on common standards for EU’s Cyber Resilience Act

• Rubrik’s IPO filing hints at thawing public markets for tech companies

• Microsoft expands Priva suite to tackle evolving privacy landscape

• Understanding Brute Force Attacks: The Persistent Threat in Cybersecurity

• XSS flaw in WordPress WP-Members Plugin can lead to script injection

• OWASP server blunder exposes decade of resumes

• Chrome’s Incognito Mode Isn’t as Private as You Think — but Google’s Not Sorry

• Microsoft Copilot for Security brings GenAI to SOC teams

• Open source foundations unite on common standards for EU’s Cybersecurity Resilience Act

• xz Utils Backdoor

• Google To Destroy Browsing Data To Settle Consumer Privacy Lawsuit

• Microsoft Warns Deepfake Election Subversion Is Disturbingly Easy

• Security Flaw In WP-Members Plugin Leads To Script Injection

• Heartbleed Is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed!

• OWASP breach exposes decade of resumes due to misconfigured server

• Shares In Trump’s Truth Social Firm Rise, Then Tumble

• Powerloom Announces Expansion to Base as It Surpasses 5200 Snapshotter Lite Nodes

• Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

• Public WiFi Convenience Leads to Cyber Threats, Read to Know Everything

• Foiled Attempt to Hack Supply Chain Sparks Concerns in Washington DC

• Authentic8 launches Silo Shield Program to Protect High-Risk Communities in Partnership with CISA

• US, UK join forces on AI safety and testing AI models

• Cloud computing forensics techniques for evidence acquisition

• OpenAI Drops Sign Up Need To Access ChatGPT

• Declassified NSA Newsletters

• The Challenges of Zero Trust 800-207 and Advocating for Prescriptive Controls

• Chrome’s Incognito Mode: Not as Private as You Think — but Google’s not Sorry

• UK, US Sign Agreement To Test AI Safety

• Authentic8 launches Silo Shield program to protect high-risk communities in partnership with CISA

• Chrome to Fight Cookie Theft With Device Bound Session Credentials

• AT&T Data Breach Reveals 73 Million Users’ Info on Hacker Forum

• Navigating Data Protection: What Car Shoppers Need to Know as Vehicles Turn Tech

• Linux Servers Targeted by DinodasRAT Malware

• Google’s latest project could help protect you against cookie theft

• Pandabuy admits to data breach of 1.3 million unique records

• Sophos: Backups are in the Crosshairs of Ransomware Groups

• AT&T Confirms 73 Million Customer Data Breach Linked to Dark Web

• Ransomware criminals target backups for assured ransom

• Apple To Bring RCS To iPhones Autumn 2024, Says Google

• 5 Major Phishing Campaigns in March 2024

• TechCrunch Minute: AT&T data breach prompts millions of passcodes to be reset

• Security Flaw in WP-Members Plugin Leads to Script Injection

• SBOMs are now essential: Make them actionable to better manage risk

• Researchers Report Sevenfold Increase in Data Theft Cases

• $5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin

• CISA Publishes High-Risk Communities Webpage

• IOSIX IO-1020 Micro ELD

• CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities

• CISA Releases One Industrial Control Systems Advisory

• ‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data

• Cisco Secure Application makes it easier than ever to secure your cloud native applications and sensitive data

• Google Strengthens Gmail Security, Blocks Spoofed Emails to Combat Phishing

• Microsoft Unbundles Teams From Office Suite

• Microsoft warns deepfake election subversion is disturbingly easy

• Re-architecting Broadband Networks

• Build for Better Code Challenge Focuses on AI and Sustainability

• Trusted Contributor Plants Sophisticated Backdoor in Critical Open-Source Library

• The Future of Defense in an Era of Unprecedented Cyber Threats

• Cybersecurity trends: Some rays of hope among the dark clouds

• What Kubernetes Users Need to Know About Windows Node Attacks

• 4 Incident Triage Best Practices for Your Organization in 2024

• JCDC Working and Collaborating to Build Cyber Defense for Civil Society and High-Risk Communities

• Trusted Advisor now available for Mac, iOS, and Android

• The Latest Threat CISOs Cannot Afford to Ignore—Business Payment Fraud

• Silicon In Focus Podcast: Smart ESG: Your Data, Your Sustainability

• The evolution of a CISO: How the role has changed

• Hotel Self Check-In Kiosks Exposed Room Access Codes

• Deciphering the Impact of Neural Networks on Artificial Intelligence Evolution

• Fortinet upgrades its real-time network security operating system

• Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution

• Clearpool Expands to Avalanche with Listed Fintech Firm Launching First Credit Vault

• Swalwell for Congress Campaign Partners with Wolfsbane.ai to Protect Against AI-Generated Cloning

• Indian Govt Rescues 250 Citizens Trapped In Cambodia Forced Into Cyber-Slavery

• Rubrik files to go public following alliance with Microsoft

• Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic

• Hundreds of Indians Rescued from Cambodian Cybercrime Gangs

• Swalwell for Congress Campaign Partners with Wolfsbane.ai to Protect Against AI Generated Cloning

• Beyond Imagining – How AI is actively used in election campaigns around the world

• Top 6 Passwordless Authentication Solutions for 2024

• Prioritizing risk based vulnerability compliance for Financial Institutions

• Tech Tools for the Future: Zebras, AI, and Girls in ICT Day

• AI, Cybersecurity and the Rise of Large Language Models

• Compromising Bank Customer Trust: The Price of Inadequate Data Protection

• Why risk management is key for Oracle ERP Cloud Success

• PandaBuy Data Breach: 1.3 Million Customers Data Leaked

• Google agreed to erase billions of browser records to settle a class action lawsuit

• Cybersecurity M&A Roundup: 27 Deals Announced in March 2024

• AT&T data leaked: 73 million customers affected

• Adversaries are leveraging remote access tools now more than ever — here’s how to stop them

• Understanding LLM Security: Threats, Applications, and Everything In-Between

• Polish officials may face criminal charges in Pegasus spyware probe

• From Mobile Coding to Cisco Intern: My Tech Transformation Story

• Google To Destroy Billions Of Private Browsing Records

• Google to Delete Billions of User’s Personal Data Collected Via Chrome Browser

• INC Ransom claims to be behind ‘cyber incident’ at UK city council

• OWASP Data Breach Caused by Server Misconfiguration

• Prudential Financial Data Breach Impacts 36,000

• Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed!

• In the News | State Governments Can Boost K-12 Cybersecurity

• Harnessing the Power of CTEM for Cloud Security

• Top 3 Cybersecurity Tools to Protect Business Data

• #MIWIC2024: Dr. Iretioluwa Akerele, Co-Founder of Cyblack

• Cato Shatters SASE Speed Record

• Keeper Security Announces Passkey Support on Mobile Devices

• Expert Insight: Why do women feel cybersecurity isn’t for them?

• Rhysida Ransomware leaks MarineMax data files after cyber attack

• Alert: Connectwise F5 Software Flaws Used To Breach Networks

• Navigating the PHP 7.4 End of Life: A Retrospective Analysis

• OpenSSL Vulnerabilities Patched in Ubuntu 18.04

• LogRhythm Axon enhancements improve data management and operational efficiency

• TechRepublic Premium Editorial Calendar: Policies, Checklists, Hiring Kits and Glossaries for Download

• Happy 20th birthday Gmail, you’re mostly grown up – now fix the spam

• Boat Dealer MarineMax Confirms Data Breach

• The Best SIEM Tools To Consider in 2024

• Veracode acquires Longbow Security to help organizations reduce application risk

• Indian Authorities Rescue Hundreds Trafficked For Cybercrime

• Pentagon Releases Cybersecurity Strategy To Strengthen Defense Industrial Base

• Avoiding the dangers of AI-generated code

• What’s New in NIST’s Cybersecurity Framework 2.0?

• Oops, Malware! Now What? Dealing with Accidental Malware Execution

• Impersonation Scams Net Fraudsters $1.1bn in a Year

• xz-utils Backdoor Affects Kali Linux Installations – How to Check for Infection

• Live Forensic Techniques To Detect Ransomware Infection On Linux Machines

• The XZ Backdoor: Everything You Need to Know

• PandaBuy data breach allegedly impacted over 1.3 million customers

• On Hiatus

• 71% Website Vulnerable: API Security Becomes Prime Target for Hackers

• Apple’s GoFetch silicon security fail was down to an obsession with speed

• Volt Typhoon Threat Report

• Google to Delete Billions of Browsing Records in ‘Incognito Mode’ Privacy Lawsuit Settlement

• OpenSSL 3.3 Beta Release Live

• Veracode Announces Acquisition of Longbow Security

• Earth Freybug Uses UNAPIMON for Unhooking Critical APIs

• Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors

• What the ID of tomorrow may look like

• Cloud Active Defense: Open-source cloud protection

• Why AI forensics matters now

• Cybersecurity Training for Employees: Building a Security-Aware Culture

• 73% brace for cybersecurity impact on business in the next year or two

• 6 keys to navigating security and app development team tensions

• ISC Stormcast For Tuesday, April 2nd, 2024 https://isc.sans.edu/podcastdetail/8920, (Tue, Apr 2nd)

• Google to Purge Billions of Files Containing Personal Data in Settlement of Chrome Privacy Case

• Unearthing Identity Threat Exposures

• Six banks share customer info to help Singapore fight money laundering

• Cloud Security Compliance: Navigating Regulatory Requirements

• A software supply chain meltdown: What we know about the XZ Trojan

• Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)

• Webinar Recap: Cybersecurity Trends to Watch in 2024

• US House of Reps tells staff: No Microsoft Copilot for you!

• OWASP discloses a data breach

• Data Privacy: A Guide for Individuals & Families

• IT Security News Daily Summary 2024-04-01

• Banks in Singapore begin sharing data to combat financial crime

• The Incognito Mode Myth Has Fully Unraveled

• 2024 State of Malware in Education report: Top 6 cyberthreats facing K-12 and Higher Ed

• Malicious xz backdoor reveals fragility of open source

• Veracode Buys Longbow Security for Automated Root Cause Analysis Tech

• HYAS Threat Intel Report April 1 2024

• Can Parents See Internet History on Wi-Fi?

• Facebook Scammer Tricked His Way Into Victims’ Home Before Stealing Laptop

• Cisco at NAB 2024: Committed to Delivering Next-Level Experiences That ‘Wow’

• Vulnerability Recap 4/1/24: Cisco, Fortinet & Windows Server Updates

• Introducing New Pricing For Wordfence CLI!

• Data Security Fears: Congress Bans Staff Use of Microsoft’s AI Copilot

• Top Tech Conferences & Events to Add to Your Calendar in 2024

• Transform Your Cybersecurity Training with OffSec’s Cyber Ranges

• Free VPN apps turn Android phones into criminal proxies

• Beware of the FedEx Courier Scam: How Innocent Indians Are Losing Money

• Rising Cybercrime Threats and Prevention Measures Ahead of 2024

• The Critical Role of IT Support and Services in Today’s Business World

• AT&T resets passcodes for 7.6 million customers after data leak. What experts are saying

• The biggest challenge with increased cybersecurity attacks, according to analysts

• Understanding ISO 27001:2022 Annex A.9 – Access Control

• The Cybersecurity Industry Starts Picking Through Malicious XZ Utils Code

• After Denial, AT&T Confirms Data Breach Affecting 73 Million Users

• 7 Common Cybersecurity Mistakes Made by SMBs

• Rev Up to Recert: Network Assurance Learn and earn CE credits for free

• Cryptocurrency and Blockchain security due diligence: A guide to hedge risk

• Importance of report writing for pen testers

• Ola Bini Faces Ecuadorian Prosecutors Seeking to Overturn Acquittal of Cybercrime Charge

• ‘Vultur’ Android Malware Gets Extensive Device Interaction Capabilities

• ‘WallEscape’ Linux Vulnerability Leaks User Passwords

• The AI Revolution in Access Management: Intelligent Provisioning and Fraud Prevention

• Cybersecurity Industry Starts Picking Through Malicious XZ Utils Code

• Cybersecurity news headlines trending on Google

• Hackers Target macOS Users with Malicious Ads: A Deeper Look

• AI Hallucinated Packages Fool Unsuspecting Developers

• Here’s How Smart Card Are Tracking Your Private Data

• The amazingly scary xz sshd backdoor, (Mon, Apr 1st)

• Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WP-Members Membership Plugin – $500 Bounty Awarded

• New Zealand Joins US, UK, Netherlands Alleging Chinese Cyber Espionage

• New Vultur malware version includes enhanced remote control and evasion capabilities

• April is Emergency Communications Month

• OpenAI Delays Release Of Voice Cloning Tool, Amid Election Concerns

• AT&T resets passcodes for 7.6 million customers following dark web data leak

• How a Houthi-Bombed Ghost Ship Likely Cut Off Internet for Millions

• Pave the Way for New Revenue with Transport Slicing Automation and Assurance

• Real Time Exposure Detection Is the Missing Element of Every Cybersecurity Strategy

• Nearly 3M people hit in Harvard Pilgrim healthcare data theft

• Dark Data helps boost business: Unveiling hidden insights

• US Tightens AI Chip Export Restrictions To China

• Magic Security Dust

• FAQ On The xz-utils Backdoor

• Hackers Stolen Russian Prisoner Database To Avenge Death Of Navalny

• TheMoon Malware Grows To 40,000 Bots From 88 Countries

• Major Linux Distributions Impacted By XZ Utils Backdoor

• The Top MSP KPIs and Metrics You Should Measure as a Managed Service Provider

• Supply Chain Attack: Major Linux Distributions Impacted by XZ Utils Backdoor

• Confidence in the Cloud Starts With Visibility and Zero-Trust

• Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia

• AT&T Says Data Of 7.6 Million Account Holders Leaked On Dark Web

• Ross Anderson, Professor & Author of ‘Security Engineering’ Book passes away

• Check Point Software: Pioneering Vision in Endpoint Protection

• Ex-White House CIO tells The Reg: TikTok ban may be diplomatic disaster

• Ethics of Cyber Security: To Disclose or Not?

• No Joke: You Can Actually Save Money on Cyber Insurance

• The Strategic Role of AI in Governance, Risk and Compliance (GRC)

• Australia Takes Stride In Cybersecurity Measures

• Werewolf Hackers Exploiting WinRAR Vulnerability To Deploy RingSpy Backdoor

• IRS scams: How to avoid getting tricked

• QR Code Phishing Attacks: Threat Actors Are Now Shopping Online with You

• AT&T admits massive 70m+ mid-March data dump is real, but claims it’s years old

• The Unseen Threat: How Chinese Hackers Target Family Members to Surveil Hard Targets

• The Week of Crypto Platform Breaches: Prisma Finance Incident Highlights

• Google new Password Manager raises security concerns

• What is innovative frictionless security

• 6 business benefits of data protection and GDPR compliance

• Pentagon established the Office of the Assistant Secretary of Defense for Cyber Policy

• Detecting Windows-based Malware Through Better Visibility

• The xz-utils backdoor in security advisories by national CSIRTs, (Mon, Apr 1st)

• Activision Players Attacked by Password Stealing Malware: Investigation In Progress

• Cyber Security Today, April 1, 2024 – An alert about a critical Linux vulnerability, a warning about password-spray attacks on Cisco VPNs, and more

• FTC Investigates TikTok Over Security, Privacy – Report

• Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals

• US Congress Bans Use Of Microsoft AI Copilot – Report

• Imperva Web Application Firewall Flaw Let Attackers Bypass WAF Rules

• New Hotel Lock Vulnerabilities, Glassdoor Anonymity Issues

• Info stealer attacks target macOS users

• Backdoor in upstream xz/liblzma Let Attackers Hack SSH Servers

• Pandabuy – 1,348,407 breached accounts

• XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory

• The Internet just changed – did you notice?

• Hackers Using Microsoft OneNote Files to Orchestrate Cyber Attacks

• Critical Security Alert Released After Malicious Code Found in XZ Utils

• Behind the LockBit Takedown: Strategies and Significance

• A week in security (March 25 – March 31)

• Understanding ISO 27001-2022 Annex A.9 – Access Control

• A Ghost Ship’s Doomed Journey Through the Gate of Tears

• Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

• How to design and deliver an effective cybersecurity exercise

• DinodasRAT Linux Malware Attack on Linux Servers to Gain Backdoor Access

• Bombshell in SSH servers! What CVE-2024-3094 means for Kubernetes users

• Escalating malware tactics drive global cybercrime epidemic

• Infosec products of the month: March 2024

• Securing privacy in the face of expanding data volumes

• ISC Stormcast For Monday, April 1st, 2024 https://isc.sans.edu/podcastdetail/8918, (Mon, Apr 1st)

• Incident Response Playbooks: Streamlining Incident Management

• From OneNote to RansomNote: An Ice Cold Intrusion

• Ross Anderson

• IT Security News Monthly Summary – April

• Advocates Say Facebook Allows Anti-LGBTQ Hate To “Flourish” On Platforms

• IT Security News Weekly Summary – Week 13

• IT Security News Daily Summary 2024-03-31

• PyPI Halts New User Registrations to Combat Malware Campaign

• XZ Utils backdoor update: Which Linux distros are affected and what can you do?

• Checking CSV Files, (Sun, Mar 31st)

• Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION

• Wireshark 4.2.4 Released, (Sun, Mar 31st)

• Rust developers at Google are twice as productive as C++ teams

• Enterprise AI Adoption Raises Cybersecurity Concerns

• Inside the failed attempt to backdoor SSH globally — that got caught by chance

• What to Do When Someone Steals Your Identity Online? – 8 Expert Tips

• What are Deepfakes and How to Spot Them

• Virtual Reality Headsets: A Gateway for Hackers?

• DinodasRAT Linux variant targets users worldwide

• Critical Backdoor Found in XZ Utils (CVE-2024-3094) Enables SSH Compromise

• Protecting Data in The Final Stretch of The Supply Chain

• Sophisticated Dutch Bank Helpdesk Scam Unveils Database with Over 7 Million Email Addresses

• Understanding and Shrinking Attack Surfaces: A Comprehensive Guide

• Passwords In the Air

• Cybersecurity Tabletop Exercises: How Far Should You Go?

• You Should Update Apple iOS and Google Chrome ASAP

• RDP remains a security concern – Week in security with Tony Anscombe

• Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk

• Understanding ISO 27001:2022 Annex A.8 – Asset Management

• Secure Remote Access: Enabling Remote Work Without Compromising Security

• Washington State Food Worker Card – 1,594,305 breached accounts

• AT&T Says Data on 73 Million Customers Leaked on Dark Web

• Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094)

• Cybersecurity Metrics: Measuring Security Effectiveness

• AT&T confirmed that a data breach impacted 73 million customers

• An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections

Generated on 2024-04-08 00:00:00.956061