IT Security News Weekly Summary – Week 15

• IT Security News Daily Summary 2024-04-14

• Facebook Testing Tools To Auto-Blur Nudity In Teens’ DMs

• Deciphering Metrics: From NCAA Women’s Basketball to Cyber Trends

• USENIX Security ’23 – How to Bind Anonymous Credentials to Humans

• Apple Alerts iPhone Users of ‘Mercenary Attack’ Threat

• Canadian retail chain Giant Tiger data breach may have impacted millions of customers

• Upcoming Speaking Engagements

• Iranian Hackers Use New C2 Tool ‘DarkBeatC2’ in Recent Operation

• Is Facial Biometrics the Future of Digital Security?

• How Israel Fended Off Iran’s Drone and Missile Attack

• The Silent Flaw: How a 6-Year-Old BMC Vulnerability Went Unnoticed

• 300 Strikes: Fort Worth’s Battle Against the Medusa Gang

• Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION

• Delinea has cloud security incident in Thycotic Secret Server gaff

• Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days

• How to track and stop CVE-2024-3400: Palo Alto Devices API Exploit Causing Critical Infrastructure and Enterprise Epidemics

• Red Hat Enterprise Linux 7: End of compliance content on June 30, 2024

• How Israel Is Defending Against Iran’s Drone Attack

• Best Practices for Optimizing Web Development Standards for Media Sites

• IT Security News Daily Summary 2024-04-13

• Crooks manipulate GitHub’s search results to distribute malware

• ISC Stormcast For Sunday, April 14th, 2024 https://isc.sans.edu/podcastdetail/8938, (Sat, Apr 13th)

• What is Web Application Security Testing?

• BatBadBut flaw allowed an attacker to perform command injection on Windows

• Offensive Security Necessitates a Data-driven Approach for CISOs

• Unmasking the “Golden Top” Cybercrime Syndicate: Zambia’s Battle Against Deception

• AI’s Role in Averting Future Power Outages

• U.S. Treasury Hamas Spokesperson for Cyber Influence Operations

• Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

• X’s URL Blunder Sparks Security Concerns

• E-Challan Fraud, Man Loses Rs 50,000 Despite Not Sharing Bank OTP

• Critical Palo Alto GlobalProtect Vulnerability Exploited (CVE-2024-3400), (Sat, Apr 13th)

• House Passes Reauthorization of Key US Surveillance Program After Days of Upheaval Over Changes

• Government spyware is another reason to use an ad blocker

• Stay Safe This Tax Season: Fake Tax Apps Pushing Malware on the Rise

• Windows Apps Vulnerable to Command Injection via “BatBadBut” Flaw

• Space Force Is Planning a Military Exercise in Orbit

• From Alert Fatigue to Leadership Acumen: How MDR Empowers CISO Aspirations

• Keeping cybersecurity within focus as economic pressures take hold

• Roku Breach Hits 567,000 Users

• Cybercriminals Employ Obfuscation in Invoice Phishing Malware Campaigns

• Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

• Cyber Attacks: The Need For an IT and Board-Level Understanding of the Risks

• Introducing the Cyber Security & Cloud Congress North America 2024, just 10 weeks away!

• S.T.O.P. is Working to ‘Ban The Scan’ in New York

• Giant Tiger – 2,842,669 breached accounts

• CISA Warns of Compromised Microsoft Accounts

• Retail Tech Deep-Dive: Meraki MT Sensors

• Cisco Gold Partner: A Team Approach to Certification Turns to Gold at Advanced Unibyte

• Zero-day exploited right now in Palo Alto Networks’ GlobalProtect gateways

• USENIX Security ’23 – Fast IDentity Online with Anonymous Credentials (FIDO-AC)

• EFF Submits Comments on FRT to Commission on Civil Rights

• iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks

• IT Security News Daily Summary 2024-04-12

• State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls

• Rust gets security fix for Windows vulnerability

• Pros and cons of 7 breach and attack simulation tools

• Roku disclosed a new security breach impacting 576,000 accounts

• Google One VPN axed for everyone but Pixel loyalists … for now

• CISA Briefs World Travel Organization Expedia with Advice on Security

• House Votes to Extend—and Expand—a Major US Spy Program

• AI Safety Summit round two draws government, industry leaders to Seoul next month

• 12 Data Loss Prevention Best Practices (+ Real Success Stories)

• NordPass Review 2024: Is It the Right Fit for Your Business?

• Cyber Security Today, Week in Review for week ending Friday, April 12, 2024

• CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks

• Roku Faces Cyber Attack Impact 500000 Accounts – The Analysis

• OAuth (Open Authorization)

• Change Healthcare Faces Another Ransomware Threat—and It Looks Credible

• What Does EFF Mean to You?

• Why you need an SBOM (Software Bill Of Materials)

• Cybersecurity Decluttered: A Journey to Consolidation

• Communication Skills in Cybersecurity

• Shadow AI: The Murky Threat to Enterprise Adoption of Generative AI

• Sisense Hacked: CISA Warns Customers at Risk

• Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400

• Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks

• Security engineer jailed for 3 years for $12M crypto hacks

• How to change your Social Security Number

• Wiz Acquires Gem Security, Pushes Security Tools Consolidation

• The essential duo of SCA and SBOM management

• Windows Systems Vulnerable to Attacks Due to Critical ‘BatBadBut’ Rust Flaw

• LastPass Dodges Deepfake Scam: CEO Impersonation Attempt Thwarted

• Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

• Sisense’s data breach is serious enough that CISA is investigating. Here’s what you need to do

• Roku says 576,000 user accounts hacked after second security incident

• Calling All Past Alumni to Test their Strength and Compete

• Secrets of SharePoint Security: New Techniques to Evade Detection

• US House bill prohibits ransomware payments over $100,000

• Sophos Study: 94% of Ransomware Victims Have Their Backups Targeted By Attackers

• Free and Downloadable Email Security Policy Template

• RubyCarp: Insights Into the Longevity of a Romanian Cybercriminal Gang

• The Future of Quantum Computers: Challenging Space Encryption with Light

• AI Could Be As Impactful as Electricity, Predicts Jamie Dimon

• Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files

• Palo Alto Networks discloses RCE zero-day vulnerability

• China Tells Telecom Carriers To Phase Out Foreign Chips – Report

• The best VPN services for iPhone and iPad in 2024: Expert tested and reviewed

• Keeper Password Manager Review 2024: Who Should Use It?

• How Ukraine’s cyber police fights back against Russia’s hackers

• Maximize Managed Services: Cisco ThousandEyes Drives MSPs Towards Outstanding Client Experiences

• Roku Says More Than 500,000 Accounts Impacted In Cyberattack

• Palo Alto Networks Warns Of Exploited Firewall Vulnerability

• More Legal Acrimony For Truth Social, As Executive Says He Was Hacked

• French Issue Alerte Rouge After Local Govs Knocked Offline By Cyberattack

• LockBit Copycat DarkVault Spurs Rebranding Rumor

• Microsoft breach allowed Russian spies to steal emails from US government

• US-China Competition to Field Military Drone Swarms Could Fuel Global Arms Race

• In Other News: Moscow Sewage Hack, Women in Cybersecurity Report, Dam Security Concerns

• Lessons from XZ Utils: Achieving a More Sustainable Open Source Ecosystem

• Juniper Releases Security Bulletin for Multiple Juniper Products

• CISA Adds One Known Exploited Vulnerability to Catalog

• Citrix Releases Security Updates for XenServer and Citrix Hypervisor

• CISA Urges Immediate Credential Reset After Sisense Breach

• 6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

• The Zensory Partners with UK Cyber Week to Showcase Importance of Inclusivity With ‘The Inclusive Cyber Space’

• SharePoint Flaws Could Help Threat Actors Evade Detection Easier When Stealing Files

• Safeguarding America’s Future: Mitigating the Implications of Chinese Control Over U.S. Critical Infrastructure

• Case Study Segregation of Duties Oracle ERP Cloud

• 5 Best CAPTCHA Plugins for WordPress Websites

• AT&T emails 70M customers, causes massive traffic spike at Experian. Here’s what happened

• DevSecOps Practices for a Secure Cloud

• The Vulture in Cyberspace: A Threat to Your Finances

• Vendors Beware of the Cybersecurity Audit

• Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

• US think tank Heritage Foundation hit by cyberattack

• LastPass employee targeted via an audio deepfake call

• Sam Bankman-Fried Appeals FTX Fraud Sentence Of 25 Years

• ‘BatBadBut’ Command Injection Vulnerability Affects Multiple Programming Languages

• Threat Actors Manipulate GitHub Search to Deliver Malware

• Palo Alto Networks Warns of Exploited Firewall Vulnerability

• Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars

• Code Keepers: Mastering Non-Human Identity Management

• Understanding ISO 27001:2022 Annex A.13 – Communications Security

• Smuggling Gold by Disguising it as Machine Parts

• Top MSP Events to Attend in 2024 – A Cybersecurity Expert’s Choice

• CISA Urges Sisense Customers to Reset Credentials and Report Suspicious Activity

• CISA Issues Emergency Directive and Orders Agencies to Mitigate the Risks of the Microsoft Hack

• Cyber Security Today, April 12, 2024 – A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more

• Palo Alto Networks Warns About Critical Zero-Day in PAN-OS

• AT&T finally acknowledges data breach affecting 51 million people

• DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

• Sisence Data Breach, CISA Urges To Reset Login Credentials

• UK Regulator Flags Competition Risks Of AI Foundation Models

• Checklist: Securing Digital Information

• TA547 targets German organizations with Rhadamanthys malware

• Check Point boosts security in Harmony Email & Collaboration

• Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

• Iranian MuddyWater Hackers Adopt New C2 Tool ‘DarkBeatC2’ in Latest Campaign

• LastPass Employee Targeted With Deepfake Calls

• Zscaler extends zero trust SASE and eliminates the need for firewall-based segmentation

• Cyber Attack Surge by 28%:Education Sector at High Risk

• XZ backdoor story – Initial analysis

• Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)

• Cado Security teams up with Wiz to accelerate forensic investigations and minimize cloud threats

• Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

• Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats

• YouTube being used by hackers to spread Malware

• Safeguarding Your Data: Strategies to Mitigate AI-Related Security Risks

• French issue alerte rouge after local governments knocked offline by cyber attack

• Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker

• Building a Live SIFT USB with Persistence, (Fri, Apr 12th)

• CISA: Russian Hackers Stole Emails Between U.S. Agencies and Microsoft

• Apple stops warning of ‘state-sponsored’ attacks, now alerts about ‘mercenary spyware’

• Strategies to cultivate collaboration between NetOps and SecOps

• U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks

• The next wave of mobile threats

• Why women struggle in the cybersecurity industry

• NIPS Troubleshooting Steps for No Log

• New infosec products of the week: April 12, 2024

• ISC Stormcast For Friday, April 12th, 2024 https://isc.sans.edu/podcastdetail/8936, (Fri, Apr 12th)

• Cypago Unveils New Automation Support for AI Security and Governance

• Taxi App Vendor Data Leak: 300K Passengers Data Exposed

• Best Paid and Free OSINT Tools for 2024

• AT&T blasts email to 70M customers, causes massive traffic spike at Experian. Here’s what happened

• Space Force boss warns ‘the US will lose’ without help from Musk and Bezos

• CISA adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog

• Breakthrough promises secure quantum computing at home

• Google Extends Generative AI Reach Deeper into Security

• IT Security News Daily Summary 2024-04-11

• 2024 Cybersecurity Excellence Awards – Extended Deadline

• Locking down container security once and for all with Rust-based Edera

• DuckDuckGo’s Privacy Pro bundles a VPN with personal data removal and identity theft restoration

• Why CISA is Warning CISOs About a Breach at Sisense

• US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

• Simbian Unveils Generative AI Platform to Automate Cybersecurity Tasks

• Full-stack application and data security with business risk observability

• How One Industry Exemplifies the Importance Of Cybersecurity In Critical Infrastructure Assurance

• Apple warns people of mercenary attacks via threat notification system

• CISA discloses Sisense breach, customer data compromised

• Facebook Downplays Threat Of AI Misinformation In An Election Year

• How to check if your data was exposed in the AT&T breach

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• CISA Releases Nine Industrial Control Systems Advisories

• Siemens SINEC NMS

• Siemens RUGGEDCOM APE1808

• Siemens SIMATIC S7-1500

• US says Russian hackers stole federal government emails during Microsoft cyberattack

• US CISA published an alert on the Sisense data breach

• Apple Warns of ‘Mercenary Spyware Attacks’ on iPhone Users

• AI Integration in Cybersecurity Challenges

• Threatening Emails Rattle Bengal Schools: Police Pursue Latvia Lead

• The internet is already scary enough without April Fool’s jokes

• CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat

• identity management (ID management)

• Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)

• Siemens Telecontrol Server Basic

• Siemens Scalance W1750D

• Siemens SIMATIC WinCC

• Cybersecurity Market Faces Funding Downturn in Q1 2024

• Micron Notes DRAM Supply Hit After Taiwan Earthquake

• Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets

• Data Access Platform PVML Launches With $8 Million in Funding

• Zscaler to Acquire Network Segmentation Tech Startup Airgap Networks

• Google To Spend $1 Billion On Two Subsea Cables To Japan

• Instagram plans to blur nudes DMed to teens, hoping to fight sextortion scams

• Innovative Financing for Amazon Region Preservation and Restoration

• The Importance of a Multi-Layer Security Stack

• The Hidden Impact of Ad Fraud on Your Marketing Budget

• Look Out For SIM Swap Scams: Tips for Bitcoin Security

• How information can be protected in hotel data breaches

• Taxi Software Vendor Data Leak: 300K Passengers Data Exposed

• Google Cloud and Palo Alto Networks Deliver Cloud-Native NGFW Service

• Bad Amendments to Section 702 Have Failed (For Now)—What Happens Next?

• Safeguard Data with Access Governance and Monitoring

• Apple Boosts Spyware Alerts For Mercenary Attacks

• Comparing the Benefits of Microsegmentation vs. VLANs

• How to Dramatically Simplify PCI DSS Compliance

• 2024 Insider Threat Report Trends, Challenges, and Solutions

• Will Quantum Computing Change the Way We Use Encryption?

• Instagram To Blur Nude Images In Messages To Minors

• US Senator Hints At TikTok Divestiture Deadline Extension

• DragonForce Ransomware – What You Need To Know

• 96% of US hospital websites share visitor info with Meta, Google, data brokers

• Data Breach Exposes 300k Taxi Passengers’ Information

• TA547 Hackers Launching AI-Powered Cyber Attacks Targeting Organizations

• Reverst: HTTP Reverse Tunnels Over QUIC

• Apple warns of mercenary spyware attacks against iPhone users. Should you be worried?

• Knostic Emerges From Stealth With Enterprise Gen-AI Access Controls

• Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks

• Simbian Emerges From Stealth With $10 Million to Build Autonomous AI-Based Security Platform

• 91,000 Smart LG TV Devices Susceptible to Unauthorised Remote Access

• Under Siege: Ukrainian Cyber Warriors Erase Vital Russian Military Data Center

• New Android Espionage Campaign Spotted in India and Pakistan

• Understanding ISO 27001:2022 Annex A.11 – Physical and Environmental Security

• The Best Personal Safety Devices, Apps, and Wearables (2024)

• Palo Alto Networks fixed multiple DoS bugs in its firewalls

• Apple Drops Term State-Sponsored Attacks From Its Threat Notification Policy

• Ivanti empowers IT and security teams with new solutions and enhancements

• CISA warns about Sisense data breach

• AI’s Role in Bolstering Cybersecurity: A Transformative Approach

• Enhancing Open-Source Software Security: Implementing NIST SP800-204d and Leveraging OpenSSF

• US government urges Sisense customers to reset credentials after hack

• Meta will auto-blur nudity in Instagram DMs in latest teen safety step

• Unified SASE: The Third Era of Network Security

• US Cyber Force Assisted Foreign Governments 22 Times in 2023

• Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

• Ransomware group maturity should influence ransom payment decision

• Raspberry Robin Distributed Through Windows Script Files

• Cyber Resilient 911 Symposium Blog Post

• AI and GDPR: How is AI being regulated?

• Compromise of Sisense Customer Data

• Awkward Adolescence: Increased Risks Among Immature Ransomware Operators

• Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection

• Simbian raises $10 million to automate security operations with GenAI

• Analyzing Bitcoin Price Trends and Crypto Scalping Methods

• Understanding the Red Hat security impact scale

• Heimdal® Adds PASM to the World’s Widest Cybersecurity Platform

• Warning! Rust Standard Library Flaw Enables Windows Command Injection Attacks

• 92,000 D-Link NAS Devices Vulnerable to Remote Code Execution

• Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities

• Conservative Revolt in the House Blocks Effort to Reauthorize a Key US Spy Tool

• IMF: Financial Firms Lost $12 Billion to Cyberattacks in Two Decades

• 4 Best Open Source Password Managers for Teams in 2024

• DuckDuckGo Is Taking Its Privacy Fight to Data Brokers

• Simbian brings AI to existing security tools

• Cisco Secure Access Wins Global Security Service Edge Customer Value Leadership Award

• TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

• Python’s PyPI Reveals Its Secrets

• CISA Opens Its Internal Malware Analysis Tool for Public Use

• Backdoor in XZ Utils That Almost Happened

• Apple Staff At New Jersey Store Seek To Unionise

• Client-Side Exploitation: Poisoning WebDAV+URL+LNK to Deliver Malicious Payloads

• Apple Warns Users in 92 Countries About Mercenary Spyware Attacks

• Cyberespionage Group Earth Hundun’s Continuous Refinement of Waterbear and Deuterbear

• Cybersecurity: Benefits and Best Practices

• Apple warns of mercenary spyware attacks on iPhone users in 92 countries

• Alethea Raises $20 Million for Disinformation Detection and Mitigation Solution

• Google Cloud Unveils New AI-Powered Security Capabilities

• Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption

• Meta Shows Off Next Generation AI Chip

• Hackers Manipulate GitHub Search To Deliver Clipboard-Hijacking Malware

• Global taxi software vendor exposes details of nearly 300K across UK and Ireland

• AppViewX CERT+ helps organizations identify and renew certificates before they expire

• Threat Actors Game GitHub Search to Spread Malware

• Fortra For Windows Vulnerability Let Attackers Escalate Privilege

• Understanding ISO 27001:2022 Annex A.12 – Operations Security

• Microsoft fixed two zero-day bugs exploited in malware attacks

• Digimarc and DataTrails join forces to provide proof of digital content authenticity

• Unveiling the Cyber Well-Being Conundrum: Navigating Burnout’s Impact on Charity and SME Cybersecurity

• Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities

• Your Guide to Threat Detection and Response

• US Data Breach Reports Surge 90% Annually in Q1

• PVML raises $8 million to offer protection for enterprise data

• Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks

• Apple alerts users in 92 nations to mercenary spyware attacks

• OpenSSL 3.3 Final Release Live

• Evolution of Artificial Intelligence Systems and Ensuring Trustworthiness, (Thu, Apr 11th)

• NIST CSF: A “Fellowship” for Your Cybersecurity Journey to 2.0

• Apple Expands Spyware Alert System to Warn Users of Mercenary Attacks

• Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability

• TenSec 2019

• Exploiting Wi-Fi Stack on Tesla Model S

• Tencent Keen Security Lab joins GENIVI Alliance

• Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars

• Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars

• History of RSA Conference. Bruce Schneier. The First ‘Exhibitor’ in 1994.

• Apple issues warning against Mercenary Spyware

• How Google’s 90-day TLS certificate validity proposal will affect enterprises

• Cyber Espionage: Turla APT Hackers Attack European Organization With Backdoor

• Apple alerts users in 92 nations to mercenary attacks in new warning

• Leveraging AI for enhanced compliance and governance

• Graylog: Open-source log management

• 2024-04-09: Data dump from Latrodectus malware infection

• 37% of publicly shared files expose personal information

• Stopping security breaches by managing AppSec posture

• 2024-04-05: Data dump from Astaroth (Guildma) malware infection

• ISC Stormcast For Thursday, April 11th, 2024 https://isc.sans.edu/podcastdetail/8934, (Thu, Apr 11th)

• The Irrefutable Case for Customer-Native (In-Your-Cloud) DSPM

• Salvadoran Citizens – 946,989 breached accounts

• OWASP Top 10 for LLM Applications: A Quick Guide

• Group Health Cooperative data breach impacted 530,000 individuals

• Match Systems report on consequences of CBDC implementation, led by CEO Andrei Kutin

• Virtual Reality and the ‘Virtual Wall’

• IT Security News Daily Summary 2024-04-10

• fraud detection

• Maryland State Passes Two Major Privacy Bills To Stop Facebook Data Gathering

• Trump Loyalists Kill Vote on US Wiretap Program

• AT&T states that the data breach impacted 51 million former and current customers

• It’s 2024 and Intel silicon is still haunted by data-spilling Spectre

• CISA Releases Malware Next-Gen Analysis System for Public Use

• How to protect yourself from online harassment

• USENIX Security ’23 – Discovering Adversarial Driving Maneuvers against Autonomous Vehicles

• The best travel VPNs of 2024

• Uber adds safety options that every rider should start using – here’s how

• President Biden ‘Considering’ Request To Drop Julian Assange Charges

• Fortinet fixed a critical remote code execution bug in FortiClientLinux

• India’s Businesses Under Huge Cyber Threats, Kaspersky Reported

• LinkedIn Users Targeted in Complex Phishing Scheme

• Fostering Cybersecurity Culture: From Awareness to Action

• Alert! Brute-Force SSH Attacks Rampant in the Wild: New Study From 427 Million Failed SSH Login Attempts

• Raspberry Robin Malware Now Using Windows Script Files to Spread

• The Motion Picture Association Doesn’t Get to Decide Who the First Amendment Protects

• Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core

• Vulnerability in some TP-Link routers could lead to factory reset

• Apple Doubles iPhone Production In India – Report

• Match Systems publishes report on the consequences of CBDC implementation, led by CEO Andrei Kutin

• Real-World Law Enforcement Hack of Hackers End-to-Encrypted Chat Messenger

• E-commerce Breach: Hackers Target Magento, Steal Payment Data

• single sign-on (SSO)

• AT&T Data Breach Update: 51 Million Customers Impacted

• Watch This? Patch This! LG Fixes Smart TV Vulns

• The ClickOps Era Has Begun—Here’s a Quick Primer

• Beyond Technical Skills: Making Cybersecurity More Human-Centered

• Google Unveils ARM-based AI CPU, Google Axion

• Rhadamanthys Malware Deployed By TA547 Against German Targets

• Microsoft experiences another cyber attack after China email server intrusion

• TikTok bans explained: Everything you need to know

• AT&T notifies regulators after customer data breach

• Microsoft Patches 2 Zero Days Exploited For Malware Delivery

• DOJ Data On 340,000 Individuals Stolen

• Peter Higgs, Father Of The God Particle, Dies At 94

• Speed Of AI Development Is Outpacing Risk Assessment

• New covert SharePoint data exfiltration techniques revealed

• LG TV Vulnerabilities Expose 91,000 Devices

• Cypago Announces New Automation Support for AI Security & Governance

• Google Chrome is getting a new security feature to address memory corruption

• Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

• Cisco’s Vision at Hannover Messe 2024

• Cisco and Nutanix: A 360-Degree Partnership Where 1 + 1 = 3

• Zero Trust Matures, Insider Threat Programs Take Off, and AI Doesn’t Change Things that Much Yet: 2024 Cybersecurity Predictions

• Hackers Siphon 340,000 Social Security Numbers From U.S. Consulting Firm

• Tesla Settles Lawsuit Over Crash That Killed Apple Engineer

• Cisco at NAB 2024: Cloud-Native Media Production

• Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

• Researchers Resurrect Spectre v2 Attack Against Intel CPUs

• Posthumous Data Access: Can Google Assist with Deceased Loved Ones’ Data?

• Combatting iPhone Scams: Steps Towards Enhanced Security

• ‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan

• Mitigating the Impact of Data Breaches Through DDR

• Beware of Encrypted Phishing Attack With Weaponized SVG Files

• Cypago Announces New Automation Support for AI Security and Governance

• Malwarebytes Digital Footprint Portal offers insights into exposed passwords and personal data

• Vultr Sovereign Cloud and Private Cloud delivers data control to nations and enterprises

• Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files

• CISA Announces Malware Next-Gen Analysis

• Shifting Attack Landscapes and Sectors in Q1 2024 with a 28% increase in cyber attacks globally

• Rust rustles up fix for 10/10 critical command injection bug on Windows

• Insider Threats Surge Amid Growing Foreign Interference

• Security Advisory: Protecting Mobile Devices for UAE Residents

• The Fake E-Shop Scam Campaign Sweeping Southeast Asia, seizing users banking details

• Privacy is ‘Virtually Impossible’ on iPhones, Experts Warn

• Eclypsium Automata discovers vulnerabilities in IT infrastructure

• Index Engines CyberSense 8.6 detects malicious activity

• Beware: GitHub’s Fake Popularity Scam Tricking Developers into Downloading Malware

• Women Experience Exclusion Twice as Often as Men in Cybersecurity

• Flaws in 90,000+ LG WebOS TVs Let Attacker’s Completely take Over Devices

• Introducing the Digital Footprint Portal

• Develop Advanced Cybersecurity Skills for Just $64

• A Quarter of UK Business Are Not Using AI to Bolster Cybersecurity

• Zero Trust: Navigating the Labyrinth of Laws in a Borderless Digital Age

• Concentric AI unveils employee offboarding risk monitoring and reporting module

• Hack The Box redefines cybersecurity performance, setting new standards in the cyber readiness of organizations

• Thousands of LG TVs Possibly Exposed to Remote Hacking

• Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

• How to Stop Your Data From Being Used to Train AI

• IT pros targeted with malicious Google ads for PuTTY, FileZilla

• Cohesity teams up with Intel to integrate confidential computing into Data Cloud Services

• Windows: New ‘BatBadBut’ Rust Vulnerability Given Highest Severity Score

• Intel Unveils Latest AI Chip To Counter Nvidia

• Hands-on Review: Cynomi AI-powered vCISO Platform

• In Memoriam: Ross Anderson, 1956-2024

• 530k Impacted by Data Breach at Wisconsin Healthcare Organization

• Sprinto Raises $20 Million for Automated Risk and Compliance Platform

• NICE Actimize enhances Integrated Fraud Management platform to help financial services prevent scams

• US Claims to Have Recovered $1.4bn in COVID Fraud

• Microsoft Patch Tuesday: 149 Security Vulnerabilities & Zero-days

• 6 Best Open Source Password Managers for Mac in 2024

• X fixes URL blunder that could enable convincing social media phishing campaigns

• Silicon UK In Focus Podcast: Digital Transformation and Sustainability

• GHC-SCW Hack: Ransomware Actors Stolen User’s Personal Information

• Cyber Insurance Policy

• Microsoft Patches Two Zero-Days Exploited for Malware Delivery

• Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel

• Microsoft Patches 150 Flaws Including Two Zero-Days

• GM’s Cruise To Resume Operations In Phoenix With Human Drivers

• The AI Gold Rush: ChatGPT and OpenAI targeted in AI-themed investment scams

• Custom-made Awareness Raising to enhance Cybersecurity Culture

• Proton picks up Standard Notes to deepen its pro-privacy portfolio

• New ransomware group demands Change Healthcare ransom

• Alethea raises $20 million to combat disinformation campaigns

• Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses

• Half of UK Businesses Hit by Cyber-Incident in Past Year, UK Government Finds

• Critical Rust Vulnerability Let Hackers Inject Commands on Windows Systems

• Embracing Two-Factor Authentication for Enhanced Account Protection

• Life in Cybersecurity: From Nursing to Threat Analyst

• Turning the tide on third-party risk

• RUBYCARP the SSH Brute Botnet Resurfaces With New Tools

• New Critical Rust Vulnerability Allows Attackers to Inject Commands on Windows Systems

• Cybersecurity in the Evolving Threat Landscape

• Rewards For Justice offers up to $10 million reward for info on ALPHV BlackCat hacker group leaders

• Dracula Phishing Platform Targets Organizations Worldwide

• New SharePoint Technique Lets Hackers Bypass Security Measures

• Upcoming report on the state of cybersecurity in Croatia

• Google top trending cybersecurity news headlines

• Navigating the Divide: Data Security Management vs Cloud Security Management

• Chrome Enterprise Premium promises extra security – for a fee

• How to Use Cyber Threat Intelligence? 4 TI Categories to Learn SOC/DFIR Team

• Why are many businesses turning to third-party security partners?

• Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included

• WEF Cybercrime Atlas: Researchers are creating new insights to fight cybercrime

• AI risks under the auditor’s lens more than ever

• GSMA releases Mobile Threat Intelligence Framework

• Cybersecurity jobs available right now: April 10, 2024

• Critical ‘BatBadBut’ Rust Vulnerability Exposes Windows Systems to Attacks

• ISC Stormcast For Wednesday, April 10th, 2024 https://isc.sans.edu/podcastdetail/8932, (Wed, Apr 10th)

• Navigating Third-Party Cyber Risks in Healthcare: Insights from Recent Events

• Is My VPN Working? How To Test for VPN Leaks

• Microsoft squashes SmartScreen security bypass bug exploited in the wild

• Synopsys takes aim at software supply chain risks

• Synopsys aims to mitigate software supply chain risks

• Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)

• IT Security News Daily Summary 2024-04-09

• Is My VPN Working? How to Test for VPN Leaks

• VERT Threat Alert: April 2024 Patch Tuesday Analysis

• April’s Patch Tuesday Brings Record Number of Fixes

• Section 702: The Future of the Biggest US Spy Program Hangs in the Balance

• Should You Pay a Ransomware Attacker?

• USENIX Security ’23 – Qifan Xiao, Xudong Pan, Yifan Lu, Mi Zhang, Jiarun Dai, Min Yang,- xorcising “Wraith”: Protecting LiDAR-based Object Detector In Automated Driving System From Appearing Attacks

• FCC Mulls Rules to Protect Abuse Survivors from Stalking Through Cars

• April 2024 Microsoft Patch Tuesday Summary, (Tue, Apr 9th)

• Over 91,000 LG smart TVs running webOS are vulnerable to hacking

• Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

• Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988)

• Unit 42: Malware-initiated scanning attacks on the rise

• Speaking Freely: Mary Aileen Diez-Bacalso

• Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers

• April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution

• The Essential Tools and Plugins for WordPress Development

• Fortinet Releases Security Updates for Multiple Products

• Microsoft employees exposed internal passwords in security lapse

• Toward greater transparency: Adopting the CWE standard for Microsoft CVEs

• Muddled Libra’s Evolution to the Cloud

• Got an unpatched LG ‘smart’ television? It could be watching you back

• Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products

• Daniel Stori’s ‘Minimum Viable Elevator’

• LG smart TVs may be taken over by remote attackers

• 0G Launches Newton Testnet of Ultra-Scalable Modular AI Blockchain

• How to Use Cyber Threat Intelligence ? 4 TI Categories to Learn SOC/DFIR Team

• ScrubCrypt used to drop VenomRAT along with many malicious plugins

• OffSec Versus: Revolutionizing Cybersecurity Training Through Live-Fire Collaboration

• Behind Enemy Lines: Understanding the Threat of the XZ Backdoor

• Patch Tuesday Update – April 2024

• Hackers Use Malware to Hunt Software Vulnerabilities

• “Let’s Get the Third Party Started In Here,”

• Google Cloud Next 2024: New Data Center Chip and Chrome Enterprise Premium Join the Ecosystem

• CISA Releases One Industrial Control Systems Advisory

• SUBNET PowerSYSTEM Server and Substation Server

• Asia-Focused Dark Web Threat Intelligence Startup StealthMole Raises $7 Million

• Data Security Firm Cyera Raises $300 Million at $1.4 Billion Valuation

• The Hidden Danger of Public USB Charging Stations: What You Need to Know

• Google workspace to use AI for Data Security

• Private Data of 7.5 million BoAt Users Leaked in Massive Data Breach

• Change Healthcare Hit By Cyber Extortion Again

• SaaS Asset and User Numbers are Exploding: Is SaaS Data Security Keeping Up?

• Home Depot Confirms Data Breach Via Third Party Vendor

• Critical Takeover Vulns In 92,000 D-Link Devices Under Active Exploitation

• US Insurers Use Drone Photos To Deny Home Insurance Policies

• CISO Conversations: Nick McKenzie (Bugcrowd) And Chris Evans (HackerOne)

• Three Key Threats Fueling the Future of Cyber Attacks

• New Google Workspace feature prevents sensitive security changes if two admins don’t approve them

• Hackers Targeting Human Rights Activists in Morocco and Western Sahara

• 10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet

• Android 15’s Private Space feature could better protect your sensitive data

• Why the Keitaro TDS keeps causing security headaches

• What Is a SaaS Security Checklist? Tips & Free Template

• X adds support for passkeys globally on iOS

• Techstrong Group Announces Rebranding of Security Bloggers Network to Security Creators Network

• What Security Metrics Should I Be Looking At?

• SurveyLama Data Breach Exposes Millions of Users’ Information

• ESET Small Business Security offers protection against online fraud, data theft and human error

• Research Unearths RUBYCARP’s Multi-Miner Assault on Crypto

• $937 Bounty Awarded for Privilege Escalation and Local File Inclusion Vulnerabilities Patched in MasterStudy LMS WordPress Plugin

• Feds say Microsoft security ‘requires an overhaul’ — but will it listen?

• Raindex Launches On Flare To Power Decentralized CEX-Style Trading

• Ahoi Attacks – New Attack Breaking VMs With Malicious Interrupts

• Hackers Using ScrubCrypt ‘AV Evasion Tool’ To Exploit Oracle WebLogic Servers

• US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

• ICS Patch Tuesday: Siemens Addresses Palo Alto Networks Product Vulnerabilities

• SAP’s April 2024 Updates Patch High-Severity Vulnerabilities

• TufinMate accelerates network access troubleshooting

• Gurucul Data Optimizer provides control over real-time data transformation and routing

• Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access

• Foreign Interference Drives Record Surge in IP Theft

• 91,000 Smart LG TV Devices Vulnerable to Remote Takeover

• Google Gemini Code Assist – Code With AI Intelligence

• Check Point Supercharges Brisbane Catholic Education’s Security Stack to Improve Threat Detection and Streamline Manageability

• March 2024’s Most Wanted Malware: Hackers Discover New Infection Chain Method to Deliver Remcos

• Ransomware gang’s new extortion trick? Calling the front desk

• #MIWIC2024: Illyana Mullins, Founder of WiTCH (Women in Tech and Cyber Hub CIC)

• The role of certificate lifecycle automation in enterprise environments

• Exploring HelpWire: A New Option in Free Remote Support Software

• Thousands Of Internet-Exposed Ivanti VPN Appliances Vulnerable To RCE Attacks

• Google unveils new Gemini-powered security updates to Chronicle and Workspace

• Google injects generative AI into its cloud security tools

• Chrome Enterprise goes Premium with new security and management features

• Entering the Next Chapter of SASE at InterSECt 2024

• Keeper Security Tightens Access Control with New Features

• Synopsys Introduces Latest Solution for Comprehensive Security Across Software Supply Chains

• The Role of Identity Data Management in Achieving CISA’S Strategic Goals

• UK businesses shockingly unaware of how to handle security threats

• What AI Can Do Today? The latest generative AI tool to find the perfect AI solution for your tasks

• Sectigo appoints Jason Scott as CISO

• Rocket DevOps simplifies compliance processes

• Google Adds V8 Sandbox To Chrome To Fight Against Browser Attacks

• Expert Insight: Growing Your Mindset

• Using emerging technology to bridge the cyber skills gap

• SE Labs Annual Security Awards 2024

• CL0P’s Ransomware Rampage – Security Measures for 2024

• Starry Addax targets human rights defenders in North Africa with new malware

• The Threat That Can’t Be Ignored: CVE-2023-46604 in Apache ActiveMQ

• Building Bridges: Embracing Change, Growth, and Discovery at Cisco

• Defusing the threat of compromised credentials

• Second Ransomware Group Extorting Change Healthcare

• DOJ-Collected Information Exposed in Data Breach Affecting 340,000

• CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne)

• CVS Group Restoring Systems Impacted by Cyberattack

• Cyber Attack on Consulting Firm Exposes DOJ Data of 341,000 People

• Targus Hacked: Attackers Gain Access to File Servers

• AI data security startup Cyera confirms $300M raise at a $1.4B valuation

• Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure

• 6 Best Open Source Password Managers for Windows in 2024

• 35-year long identity theft leads to imprisonment for victim

• New Latrodectus loader steps in for Qbot

• Darktrace ActiveAI Security Platform helps organizations shift focus to proactive cyber resilience

• Shield NS53 Protects Your Origin DNS Infrastructure from NXDOMAIN Attacks

• Samsung To Receive $6bn For Texas Chip Expansion

• Google announces V8 Sandbox to protect Chrome users

• Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices

• StrikeReady Raises $12M to Build AI-Powered Security Command Center

• SINEC Security Guard identifies vulnerable production assets

• Room for Error: Hotel Check-In Terminal Flaw Leads to Access Code Leak

• HashKey Launches Global Crypto Exchange, Targets Coinbase

• PC Shipments Return To Pre-Pandemic Levels In First Quarter

• Sprinto raises $20M to bring automation to security compliance management

• Over 90,000 D-Link NAS Devices Are Under Attack

• Top Israeli Spy Chief Identity Exposed In A Privacy Mistake

• Parasoft unveils safety testing tool for C and C++ apps

• Cybersecurity Compliance Around the Globe: India’s DPDP

• TechRepublic Academy Is Offering Extra 20% Off Most Deals Through April 16

• Cloudflare partners with Booz Allen Hamilton to guide organizations under attack

• Why payers are pivotal to API security across the healthcare ecosystem

• Brazil Judge Opens Probe Into Elon Musk

• TSMC Expands Arizona Chip Plans Under $6.6bn US Deal

• Notepad++ Wants Your Help to Take Down the Parasite Website

• Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing

• Why Identity Management is Key in a Cyber Resilience Strategy

• Microsoft To Open AI Hub In London After Suleyman Hire

• Google Rolls Out “Find My Device” Network for Android Users

• China is using generative AI to carry out influence operations

• Podcast Episode: Antitrust/Pro-Internet

• How Avast One Silver adapts to your unique online world

• D-Link RCE Vulnerability That Affects 92,000 Devices Exploited in Wild

• HTTP/2 Vulnerability Let Hackers Launch DOS Attacks on Web Servers

• Kaspersky Club – 55,971 breached accounts

• CVE-2024-3094: RCE Vulnerability Discovered in XZ Utils

• Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity Cloud PAM Essentials

• Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks

• Another ransomware gang reclaims to have hacked United Health

• How exposure management elevates cyber resilience

• boAt – 7,528,985 breached accounts

• Strategies for secure identity management in hybrid environments

• EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)

• Exploring How Penetration Tests Are Classified – Pentesting Aspirant Guide 2024

• Defining a holistic GRC strategy

• Building a DDR Strategy: A Step-by-Step Guide

• ISC Stormcast For Tuesday, April 9th, 2024 https://isc.sans.edu/podcastdetail/8930, (Tue, Apr 9th)

• 10 Million Devices Were Infected by Data-Stealing Malware in 2023

• Targus says cyberattack is causing operational outage

• Targus says cyberattack causing operational outage

• Protecting art and passwords with biochemistry

• It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise

• EU Assessing Apple Compliance Plan That Provoked Anger

• Flaws in legacy D-Link NAS devices under attack

• Vulnerability Recap 4/8/24 – Google, HTTP/2 Join Ivanti

• Google Adds Security Command Center Enterprise to Mandiant Portfolio

• IT Security News Daily Summary 2024-04-08

• Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

• Hashicorp Versus OpenTofu Gets Ugly

• US insurers use drone photos to deny home insurance policies

• Facebook Accused Of Censoring Small Newspaper That Criticized It

• Leveraging Cloud Native Technologies in the Broadcast Industry

• Crowdfense is offering a larger 30M USD exploit acquisition program

• USENIX Security ’23 – Lukas Seidel, Dominik Maier, Marius Muench – Forming Faster Firmware Fuzzers

• XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

• HHS: Heath Care IT Helpdesks Under Attack in Voice Scams

• Barracuda Report Provides Insight into Cybersecurity Threat Severity Levels

• Vulnerability Summary for the Week of April 1, 2024

• Home Depot confirms worker data leak after miscreant dumps info online

• Lazy Koala: New Cyber Threat Emerges in CIS Region

• AGENT TESLA Malware Steals login Credentials From Chrome & Firefox

• The music industry must find a way to stay in tune with GenAI

• All eyes on cyberdefense as elections enter the generative AI era

• Home Depot confirms data theft after crook threatens to dump inside info online

• Threat Actors Deliver Malware via YouTube Video Game Cracks

• Here Comes the US GDPR: APRA, the American Privacy Rights Act

• Email Security Vulnerabilities: Shocking Gaps in Malware Detection

• backup storage device

• Hijacked Facebook Pages are pushing fake AI services to steal your data

• Hackers stole 340,000 Social Security numbers from government consulting firm

• #MIWIC2024: Jennifer Fernick, Senior Staff Security Engineer, Encryption Lead, Google

• Top 3 API Leaks Identified by Cybersecurity & InfoSec Experts

• An Unusual Tracking Feature Identified on Millions of iPhone Users

• Researchers Uncover Numerous Chinese Hacker Collectives Exploiting Ivanti Security Vulnerabilities

• The High Cost of Neglecting Backups: A Ransomware Wake-Up Call

• US Federal Data Privacy Law Introduced by Legislators

• Ransomware threat to diminish in this year 2024

• New Malware “Latrodectus” Linked to IcedID

• Byakugan Infostealer Capabilities Revealed

• ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins

• Zero Trust Access: The Transformative Blueprint for Achieving Regulatory Compliance

• Porn panic imperils privacy online, with Alec Muffett (re-air): Lock and Code S05E08

• Indian audio giant BoAt says it’s investigating suspected customer data breach

• Transform Media Broadcasting with IP: Cisco and Imagine Communications

• Cisco Access Points among the First to Be Standard-Power Certified by the FCC

• The Quantum Shift

• Puppies, kittens, data at risk after ‘cyber incident’ at veterinary giant

• Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

• Chinese Hackers Using AI Tools To Influence Upcoming Elections

• Cisco IOS Vulnerability Allows DOS Attacks via Malicious Traffic

• 4 lessons industrial companies can draw from the British Library cyberattack

• CISO Life: the Good, the Bad, the Ugly

• Protect Your Attack Surface from Evolving Attack Vectors

• What is Attack Surface Management (ASM) and How Has it Changed?

• Bitdefender Digital Identity Protection guards against web data leaks

• Google Chrome Adds V8 Sandbox – A New Defense Against Browser Attacks

• The Pitfalls of Periodic Penetration Testing & What to Do Instead

• Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware

• Change Healthcare Faces Second Ransomware Dilemma

• US Lawmakers Strike Deal On Data Privacy Legislation

• Confidential VMs Hacked Via New Ahoi Attacks

• Company Offering $30 Million For Android, iOS, Browser Zero-Day Exploits

• Confidential VMs Hacked via New Ahoi Attacks

• Key Lawmakers Float New Rules for Personal Data Protection; Bill Would Make Privacy a Consumer Right

• Healthcare IT Help Desk Employees Targeted in Payment-Hijacking Attacks

• Best 5 Privacy Management Tools for 2024

• Exploiting limited markup features on web applications

• Cyber-Physical Systems Security Analysis Challenges and Solutions 2024

• Secrets Management in the Age of AI Cybercrime: Safeguarding Enterprises from Emerging Threats

• Join Cequence Security at RSA Conference 2024: Protect What Connects You with Advanced API Security Solutions

• Cracking Down on Crime: Europol Shares Data on Europe’s Top Threats

• Panera Bread and Omni Hotels Hit by Ransomware Outages: What You Need to Know

• The Legacy of a Security Breach

• Attackers Find Your Session Cookies Irresistible

• XZ Utils backdoor: Detection tools, scripts, rules

• Veriato introduces AI-driven predictive behavior analytics platform

• Vet Clinic Chain CVS Hit by Cyberattack, Disrupts UK Operations

• Change Healthcare faces second ransomware dilemma weeks after ALPHV attack

• Unleash Platform Power with Strata Cloud Manager’s Command Center

• Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

• Veterinary Giant IT System Attacked by Hackers

• Understanding Infosec Isolation Solutions: Fortress Walls for Your Digital Assets

• SymphonyAI unveils SensaAI for Sanctions to detect hidden risk in unstructured data

• Quantum Security and Networking are Emerging as Lifelines in Our Quantum-powered Future

• Famous YouTube Channels Hacked to Distribute Infostealers

• Learn how to Protect Your Business With this $28 Cybersecurity Training

• AI Scam Calls: How to Protect Yourself, How to Detect

• U.S. Department of Health warns of attacks against IT help desks

• Google Adds V8 Sandbox to Chrome

• How to Get CMMC Certified

• Cyber Security Today, April 8, 2024 – Crooks are hijacking Facebook pages to spread phoney AI applications

• The Drop in Ransomware Attacks in 2024 and What it Means

• Watch Out for ‘Latrodectus’ – This Malware Could Be In Your Inbox

• Cybersecurity Incidents Making Headlines on Google

• Avoiding Cloud Breaches: Top 5 Misconfigurations to Watch For

• Vedalia APT Group Exploits Oversized LNK Files to Deliver Malware

• X Hands Out Blue Ticks To ‘Influential’ Users

• Google Sues Alleged Crypto Scammers

• EU Launches Probe Into China Legacy Chips, Following US Lead

• Senator Calls For ‘Path Forward On TikTok’

• NSA Appoints Dave Luber as Cybersecurity Director

• Understanding Cybersecurity Basics for Businesses

• Multiple CData Vulnerabilities Let Attackers Bypass Security Restrictions

• boAt – 7,528,986 breached accounts

• UK Retailers Lost £11.3bn to Fraud in 2023

• AI/ML Digital Everest: Dodging System Failure Summit Fever

• Gone Phishing 2023: Here Are the Results!

• Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme

• Multiple Cisco Small Business Routers Vulnerable to XSS Attacks

• A week in security (April 1 – April 7)

• 92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)

• Hospital IT Helpdesks Targeted By Voice Fraudsters, Warns HHS

• A new smart home security standard is coming

• Samsung Expeccts 900 Percent Profit Jump Amidst AI Boom

• Samsung More Than Doubles Texas Chip Plant Investment

• AI-As-A-Service Providers Vulnerability Let Attackers Perform Cross-Tenant Attacks

• Massive AT&T Data Leak, The Danger of Thread Hijacking

• Veterinary Giant CVS Reveals Major Cyber-Attack

• Understanding ISO 27001:2022 Annex A.11 – Physical and Environmental Security

• Google Expands AI-Powered Search Test To UK Users

• Microsoft Two-Step Phishing Campaign Attack LinkedIn Users

• Cloudflare Acquires Baselime to Enhance Serverless Performance

• Head of Israeli cyber spy unit exposed … by his own privacy mistake

• Google Sues App Developers Over Fake Crypto Investment App Scam

• How can the energy sector bolster its resilience to ransomware attacks?

• April 2024 Patch Tuesday forecast: New and old from Microsoft

• WiCyS: A champion for a more diverse cybersecurity workforce

• How malicious email campaigns continue to slip through the cracks

• Threat actors are raising the bar for cyber attacks

• Industrial sectors embrace zero trust for enhanced security

• ISC Stormcast For Monday, April 8th, 2024 https://isc.sans.edu/podcastdetail/8928, (Mon, Apr 8th)

• CoralRaider Hackers Steals Login Credentials, Financial Data & Social Media Logins

• Hornetsecurity Nominated in 2024 ‘ASTORS’ Homeland Security Awards

• A Use Case for Adding Threat Hunting to Your Security Operations Team. Detecting Adversaries Abusing Legitimate Tools in A Customer Environment. [Guest Diary], (Sun, Apr 7th)

• The best secure browsers for privacy in 2024

• Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

• IT Security News Weekly Summary – Week 14

• IT Security News Daily Summary 2024-04-07

• A Breakthrough Online Privacy Proposal Hits Congress

• Conn. CISO Raises Security Concerns Over BadGPT, FraudGPT

• Privnote Secure Messaging App Is Under Phishing Threat

• US Environmental Protection Agency Allegedly Hacked, 8.5M User Data Leaked

• The Growing Threat of Remote Desktop Protocol (RDP) Attacks

• 60% of small businesses are concerned about cybersecurity threats

• Birmingham City Computers Breached by Hackers, Mayor Confirms

• The Case Study: The Exploitation of Mechatronics Systems

• Data Brokers are Preparing to Challenge Privacy Legislation

• Facebook Overhauls Confusing Censorship Policy For AI Videos

• LayerSlider Plugin Imperils 1 Million WordPress Sites, Urgent Fixes Mandated!

• Fund Manager Outlines Digital Data as Rising Asset Class

• Strengthening Financial Services: Embracing the Digital Operational Resilience Act (DORA) for Cybersecurity Resilience

• 9 Best Practices for Using AWS Access Analyzer

• Over 92,000 Internet-facing D-Link NAS devices can be easily hacked

• Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise

• Enterprise AI Security Firm TrojAI Raises $5.75M in Seed Funding

Generated on 2024-04-14 23:58:23.620907