IT Security News Weekly Summary – Week 16

• IT Security News Daily Summary 2024-04-21

• Akira ransomware received $42M in ransom payments from over 250 victims

• DuneQuixote campaign targets the Middle East with a complex backdoor

• Cyberattackers Employ Elusive “CR4T” Backdoor to Target Middle Eastern Governments

• New AI Speed Cameras Record Drivers on Their Phones

• Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

• Information Stealer Malware Preys on Gamers via Deceptive Cheat Code Baits

• Androxgh0st Malware Compromises Servers Worldwide for Botnet Attack

• Weighing Down Cyberrisk Options: How to Make Objective Cybersecurity Decisions Without Negatively Impacting the Organization’s IT Teams?

• Review: ‘Artificial Intelligence — A Primer for State and Local Governments’

• New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

• Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack

• Critical CrushFTP zero-day exploited in attacks in the wild

• IT Security News Daily Summary 2024-04-20

• What is Mobile Application Security Testing? Explained

• USENIX Security ’23 – PrivGraph: Differentially Private Graph Data Publication by Exploiting Community Information

• A French hospital was forced to reschedule procedures after cyberattack

• GenAI Presents a Fresh Challenge for SaaS Security Teams

• Harnessing AI and ChatGPT for Eye Care Triage: Advancements in Patient Management

• AT&T User Discusses Safety Measures Following Data Breach

• Soumnibot Malware Abuses Bugs to Escape Detection

• Lawmakers vote to reauthorize US spying law that critics say expands government surveillance

• Connecting Tech to Black America

• The Rise of Bots: Imperva’s Report Reveals Rising Trends in Internet Traffic

• U.S. Dams Vulnerable to Cyber Threats

• Inside Job Exposed: T-Mobile US, Verizon Staff Solicited for SIM Swap Scam

• AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now

• The many faces of impersonation fraud: Spot an imposter before it’s too late

• Protecting yourself after a medical data breach – Week in security with Tony Anscombe

• CrushFTP Warns Users to Patch Exploited Zero-Day “Immediately”

• Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware

• Defining and Understanding Trust Assurance

• Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

• Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

• Internet Service Providers Plan to Subvert Net Neutrality. Don’t Let Them

• Baby ASO: A Minimal Viable Transformation for Your SOC

• MITRE revealed that nation-state actors breached its systems via Ivanti zero-days

• IT Security News Daily Summary 2024-04-19

• Your Android phone could have stalkerware — here’s how to remove it

• Friday Squid Blogging: Squid Trackers

• Google Consolidates DeepMind And AI Research Teams

• Sacramento airport goes no-fly after AT&T internet cable snipped

• More on the PAN-OS CVE-2024-3400

• PRODUCT REVIEW: Safous Zero Trust Access

• Facebook Slammed For Censoring Content From Auschwitz Museum

• LabHost Phishing Platform is Latest Target of International Law Agencies

• Cyber Security Today, Week in Review for week ending Friday April 19, 2024

• CISA Announces Winners of the 5th Annual President’s Cup Cybersecurity Competition

• Taking Time to Understand NIS2 Reporting Requirements

• The CVE’s They are A-Changing!, (Wed, Apr 17th)

• Breakthrough in Quantum Cloud Computing Ensures its Security and Privacy

• Apple Pulls WhatsApp, Threads From China App Store

• 7 steps to create a data loss prevention policy

• BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems

• The 8 Most Common Causes of Data Breaches

• The Biggest Deepfake Porn Website Is Now Blocked in the UK

• USENIX Security ’23 – Inductive Graph Unlearning

• NCSWIC Releases Roles and Responsibilities: Statewide Interoperability Coordinators Document

• EFF, Human Rights Organizations Call for Urgent Action in Case of Alaa Abd El Fattah

• APT44: Unearthing Sandworm – A Cyber Threat Beyond Borders

• Websites Engage in Deceptive Practices to Conceal the Scope of Data Collection and Sharing

• FBI says Akira Ransomware group raked $42 million

• SAFOUS ZERO TRUST ACCESS – Comprehensive Cybersecurity for the Modern Enterprise

• 4 steps CISOs can take to raise trust in their business

• Fake Cheat Lures Gamers Into Spreading Infostealer Malware

• From DAST to dawn: why fuzzing is better solution | Code Intelligence

• International Cyber Fraud Ring Busted By London Police

• 2024-04-18: Word macro –> SSLoad –> Cobalt Strike

• $2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin

• How We’re Delivering Next-Gen Workforce Collaboration with Cisco Private 5G

• Introducing the 7th Annual Partner Innovation Challenge: Featuring an Exciting New Prize Category

• Connect hybrid cloud Kubernetes with F5 multicloud networking and Red Hat OpenShift for optimized security footprints

• Learn about trends and best practices from top security experts at Red Hat and NIST’s Cybersecurity Open Forum

• 4 use cases for AI in cyber security

• Unraveling Cyber Threats: Insights from Code Analysis

• NSA Shares Best Practices for Secure AI Systems

• WhatsApp, Threads, more banished from Apple App Store in China

• Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing

• BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool

• IT and Cybersecurity Jobs in the Age of Emerging AI Technologies

• CISA: Akira ransomware extorted $42M from 250-plus victims

• Cisco Releases Security Advisories for Cisco Integrated Management Controller

• Dark Web Sales Driving Major Rise in Credential Attacks

• Congress: Don’t Let Anyone Own The Law

• Tuta Mail (Tutanota) Accuses Google of Censoring Its Search Results

• The Importance of Cyber Hygiene for Businesses

• First Major Attempts to Regulate AI Face Headwinds From All Sides

• In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack

• Cisco Duo raises awareness over a breach in third-party data security, revealing the exposure of SMS MFA logs.

• Unveiling the Threat: Microsoft’s Executive Speaks Out on State-Backed Hacking

• Intel Foundry Assembles Next Gen Chip Machine From ASML

• Earth Day 2024: Securing Our Earth

• Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!

• Alarming Decline in Cybersecurity Job Postings in the US

• Is the UK about to ban ransomware payments?

• Frontier Communications Shuts Down Systems Following Cyberattack

• Akira Ransomware Made Over $42 Million in One Year: Agencies

• US Government Releases Guidance on Securing Election Infrastructure

• Scaling Application Security With Application Security Posture Management (ASPM)

• What’s the deal with the massive backlog of vulnerabilities at the NVD?

• Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals

• Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

• How Attackers Can Own a Business Without Touching the Endpoint

• Unlocking the Power of Portfolio Analysis – A Comprehensive Guide

• Hacking the Floodgates: US Dams Face Growing Cyber Threats

• Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

• Akira Ransomware Attacks Over 250 Organizations and Collects $42 Million

• Google Ad Impersonates Whales Market to Push Wallet Drainer Malware

• UK’s Cydea introduces new way to quantify risk management

• Ransomware Victims Who Pay a Ransom Drops to Record Low

• Germany cuffs alleged Russian spies over plot to bomb industrial and military targets

• Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted

• Cisco Launches A New AI-Focused Security Solution

• Cybercriminals Pose as LastPass Staff to Hack Password Vaults

• 92% of Enterprises Unprepared for AI Security Challenges

• OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining

• LastPass users targeted by vishing attackers

• FBI chief says China is preparing to attack US critical infrastructure

• The Dark Side of EDR: Repurpose EDR as an Offensive Tool

• Google Chrome DBSC Protection Tested Against Cookie Attacks

• Crunching Some Numbers on PHP Support

• NIS-2: 10 common misconceptions about the regulation

• United Nations Development Programme (UNDP) investigates data breach

• Damn Vulnerable RESTaurant: Open-Source API Service Designed for Learning

• Novel Android Malware Targets Korean Banking Users

• The Ultimate Guide to SBIR and STTR Program Budgeting

• ‘Crude’ Ransomware Tools Proliferating on the Dark Web for Cheap, Researchers Find

• Hackers Target Middle East Governments with Evasive “CR4T” Backdoor

• Possible Cyber Attack on 911 of 4 American States

• Can Ransomware Gangs Be Neutralized? Exploring Strategies to Combat Cyber Extortion

• Protobom: Open-source software supply chain tool

• The key pillars of domain security

• Lacework, last valued at $8.3B, is in talks to sell for just $150M to $200M, say sources

• Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums

• New infosec products of the week: April 19, 2024

• 51% of enterprises experienced a breach despite large security stacks

• ISC Stormcast For Friday, April 19th, 2024 https://isc.sans.edu/podcastdetail/8946, (Fri, Apr 19th)

• Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

• Ransomware feared as IT ‘issues’ force Octapharma Plasma to close 150+ centers

• Cisco discloses high-severity vulnerability, PoC available

• FIN7 targeted a large U.S. carmaker with phishing attacks

• Crooks exploit OpenMetadata holes to mine crypto – and leave a sob story for victims

• IT Security News Daily Summary 2024-04-18

• ‘ASTORS’ Champion Adds Passphrase Generator to Keeper Web Vault

• Two Years Post-Roe: A Better Understanding of Digital Threats

• Vulnerabilities for AI and ML Applications are Skyrocketing

• Data Matters ? The Value of Visibility in API Security

• What to Consider When Choosing a Software Composition Analysis (SCA) Tool

• Randall Munroe’s XKCD ‘Eclipse Path Maps’

• USENIX Security ’23 – NRDelegationAttack: Complexity DDoS attack on DNS Recursive Resolvers

• Cheap ‘Junk-Gun Ransomware’ Emerging on the Dark Web

• FIN7 targeted a large U.S. carmaker phishing attacks

• Brave search engine adds privacy-focused AI – no Google or Bing needed

• Simeio Returns to Compete in 2024 ‘ASTORS’ Awards with Simeio IO

• 3 Keycloak authorization strategies to secure app access

• The Trump Jury Has a Doxing Problem

• Lacework, last valued at $8.3B, is in talks to sell for just $150M to $300M, say sources

• Law enforcement reels in phishing-as-a-service whopper

• Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?

• Stateful vs. stateless firewalls: Understanding the differences

• Wiz is in talks to buy Lacework for $150-200M; security firm was last valued at $8.3B

• House passes bill banning Uncle Sam from snooping on citizens via data brokers

• CISA Releases Three Industrial Control Systems Advisories

• #StopRansomware: Akira Ransomware

• Hackers are threatening to publish a huge stolen sanctions and financial crimes watchlist

• For Cisco Insider Wouter Hindriks, curiosity and passion for problem solving are keys to success.

• Oracle To Invest More Than $8 Billion In Cloud, AI In Japan

• Android could soon protect you from malicious apps by quarantining them

• Cape dials up $61M from A16Z + more for mobile service that doesn’t use personal data

• Fourth Amendment is Not For Sale Act Passed the House, Now it Should Pass the Senate

• Multi-Data Platform SIEM Anvilogic Raises $45 Million

• Watch Now: Ransomware Resilience & Recovery Summit Sessions Now on Demand

• SAP Applications Increasingly in Attacker Crosshairs, Report Shows

• Stale Accounts in Active Directory

• Understanding the Different Types of Audit Evidence

• DataDome Renews SOC 2 Type 2 Compliance

• House Passes Privacy-Preserving Bill, but Biden Blasts it

• Navigating Vulnerability Disclosure: Lessons from Delinea’s Secret Server Flaw

• Quishing Attacks Jump Tenfold, Attachment Payloads Halve

• Creating Deepfake Porn Without Consent To Become A Crime

• Kaspersky Study: Devices Infected With Data-Stealing Malware Increased by 7 Times Since 2020

• Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant

• Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)

• Data privacy and security become most worrisome for AI adoption decision makers

• Korean researcher details scheme abusing Apple’s third-party pickup policy

• CrowdStrike extends cloud security to Mission Cloud customers

• Google Fires 28 Staff Over Israel Protest, Undertakes More Layoffs

• Law enforcement operation dismantled phishing-as-a-service platform LabHost

• Palo Alto Networks Recognized by Gartner as a Leader in SSE Report

• Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive

• Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections

• EU Tells Meta It Can’t Paywall Privacy

• Russia’s Sandworm APT Linked To Attack On Texas Water Plant

• New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads

• Oracle Releases Critical Patch Update Advisory for April 2024

• IT and Security Professionals Demand More Workplace Flexibility

• Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million

• Five Eyes Agencies Release New AI Security Guidance

• United Nations Agency Investigating Ransomware Attack Involving Data Theft

• OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

• Russia Already Meddling In US Election, Microsoft Warns

• Palo Alto ZeroDay Exploited in The Wild Following PoC Release

• 37 Arrested as Police Smash LabHost International Fraud Network

• FIN7 Targets American Automaker’s IT Staff in Phishing Attacks

• Ransomware Attack Targets Healthcare Giant, Change Healthcare

• Iranian Hacker Group Blast Out Threatening Texts to Israelis

• Gurucul federated search provides insights into data that is not centralized

• FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

• Microsoft and Google are top brands misused to scam users

• Russian APT44 – The Most Notorious Cyber Sabotage Group Globally

• FIN7 Hackers Attacking IT Employees Of Automotive Industry

• 185K people’s sensitive data in the pits after ransomware raid on Cherry Health

• SoumniBot Exploiting Android Manifest Flaws to Evade Detection

• Unpacking the NIST cybersecurity framework 2.0

• Miercom NGFW Security Benchmark 2024: Why It Matters for Cloud Network Security

• Cisco at Hannover Messe 2024: Know Before You Go

• Report Reveals Healthcare Industry is Disillusioned in its Preparedness for Cyberattacks

• AWS Detection Engineering

• 5 Cybersecurity Resolutions for the New Year

• Apex Legends hacker says game developers patched exploit used on streamers

• Innovation and Continuity: Cisco Meraki in the Education Sector

• Goldilock Partners with organisation behind NATO’s largest cyber defence exercise

• Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability

• Roku experiences another data breach; Apple notifies users about mercenary spyware attacks

• LightSpy Spyware: A Chinese Affair Targeting iPhone Users in South Asia

• Combatting Counterfeit Drugs Online: BrandShield’s Success in Dismantling Illicit Websites

• Police apprehend global cyber gang implicated in large-scale fraud

• Malvertising Campaign Targeting IT Teams with MadMxShell Backdoor

• EU tells Meta it can’t paywall privacy

• April Product Update

• TechRepublic’s Review Methodology for Password Managers

• Turning Cisco’s Tuition Reimbursement Green

• Russian Sandworm Hackers Pose as Hacktivists in Water Utility Breaches

• Cannabis investment scam JuicyFields ends in 9 arrests

• Phishing Platform LabHost Shut Down by Law Enforcement

• 180k Impacted by Data Breach at Michigan Healthcare Organization

• OnlyFans Filter: A New Frontier in School Safety and CIPA Compliance

• Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)

• Global Police Operation Disrupts ‘LabHost’ Phishing Service, Over 30 Arrested Worldwide

• How to Conduct Advanced Static Analysis in a Malware Sandbox

• New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks

• Recover from Ransomware in 5 Minutes—We will Teach You How!

• US Election Officials Told to Prepare for Nation-State Influence Campaigns

• LeSlipFrancais Data Breach: Customers’ Personal Information Exposed

• Other Attempts to Take Over Open Source Projects

• Moldovan Charged for Operating Botnet Used to Push Ransomware

• EU To Drop Microsoft’s OpenAI Investment Probe – Report

• Cisco Hypershield: AI-Powered Hyper-Distributed Security for Data Center

• The Real-Time Deepfake Romance Scams Have Arrived

• Armis Buys Cyber Remediation Startup Silk Security for $150M

• Possible Chinese Hackers Use OpenMetadata for Cryptomining

• Data Encryption Policy

• Shaping Cybersecurity Policy towards a trusted and secure Europe

• Previously unknown Kapeka backdoor linked to Russian Sandworm APT

• LockBit Knockoffs and Imposters Proliferate After LockBit 3.0 Builder Leak

• Prolific phishing-made-easy emporium LabHost knocked offline in cyber-cop op

• What is certificate discovery and why is it important?

• Redgate Monitor Enterprise prevents unauthorized access to sensitive information

• Immuta launches Domains policy enforcement to improve security and governance for data owners

• Supply Chain Cybersecurity – the importance of everyone

• DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

• 16-31 January 2024 Cyber Attacks Timeline

• Cisco Unveils AI-Native Enterprise Security Solution Hypershield

• SAS unveils products and services to help customers embrace AI

• UnitedHealth Expects Up to $1.6B Hit From Change Healthcare Cyberattack This Year

• Trust in Cyber Takes a Knock as CNI Budgets Flatline

• US Provides Assurances For Julian Assange Extradition

• What is Encryption in Malware? – Understand From Basics to XOR

• Java services hit hardest by third-party vulnerabilities, report says

• Years-Old Vulnerability in AMI MegaRAC BMCs Impacts Intel and Lenovo Hardware

• Surge in Botnets Exploiting CVE-2023-1389 to Infect TP-Link Archer Routers

• Le Slip Français – 1,495,127 breached accounts

• Food and Agriculture Sector Hit with More Than 160 Ransomware Attacks Last Year

• Cisco Warns of a Command Injection and Privilege Escalation Flaw in Its IMC

• Authorities take down LabHost, phishing-as-a-service platform

• Phishing-as-a-Service Platform LabHost Seized by Authorities

• Pharming Attack: A Deceptive Harvest of Your Data

• UK Police Lead Disruption of £1m Phishing-as-a-Service Site LabHost

• Cisco Hypershield: Security reimagined — hyper-distributed security for the AI-scale data center

• Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available

• Cisco Taps AI and eBPF to Automate Security Operations

• 6 Phone Management Tips When Traveling Abroad

• Armis Acquires AI-based Vulnerability Detection Firm Silk Security

• Cisco creates architecture to improve security and sell you new switches

• Cisco Hypershield: A New Era of Distributed, AI-Native Security

• Cisco Hypershield: Reimagining Security

• Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

• Microsoft and Google are top companies to scam users

• Singapore infosec boss warns China/West tech split will be bad for interoperability

• Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate

• Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

• Who owns customer identity?

• Taiwanese film studio snaps up Chinese surveillance camera specialist Dahua

• CSOs and CFOs; The World’s Next Greatest Dynamic Duo

• Palo Alto Networks PAN-OS Command Injection Vulnerability (CVE-2024-3400)

• Enterprises face significant losses from mobile fraud

• 92% of enterprises unprepared for AI security challenges

• Bots dominate internet activity, account for nearly half of all traffic

• A Vuln is a Vuln, unless the CVE for it is after Feb 12, 2024, (Wed, Apr 17th)

• ISC Stormcast For Thursday, April 18th, 2024 https://isc.sans.edu/podcastdetail/8944, (Thu, Apr 18th)

• The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider

• Hugely expanded Section 702 surveillance powers set for US Senate vote

• 2024-04-17: TA578 pushes SSLoad malware

• IT Security News Daily Summary 2024-04-17

• Facebook’s Controversial “Consent Or Pay” Privacy Model Officially Shot Down

• Should you share your location with your partner?

• Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression

• Big Tech Says Spy Bill Turns Its Workers Into Informants

• Kremlin’s Sandworm blamed for cyberattacks on US, European water utilities

• XZ Utils-Like Takeover Attempt Targets the OpenJS Foundation

• CISA, FBI, and ODNI Release Guidance for Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations

• National Guard will use Google’s AI for faster disaster response and recovery

• Big Tech Squares Off Against US Spies

• Linux variant of Cerber ransomware targets Atlassian servers

• Zero-Day Exploitation of Palo Alto Networks Firewall Allows Backdoor Installation

• Tesla To Ask Shareholders To Reinstate Elon Musk’s $56 Billion Package

• About Face (Recognition) | EFFector 36.5

• Congratulations to the Top MSRC 2024 Q1 Security Researchers!

• Glitter and… Firewalls? How to stay safe this festival season

• Safeguarding ERP Systems in the Digital Age: The Crucial Role of NetSuite Support in Cyber Defense

• Telegram To Reach One Billion Users Within Year

• Criminals want to pay T-Mobile and Verizon staff for SIM swaps. Here’s what you need to know

• The Evolving Threat of Ransomware — A Call to Action for Cybersecurity

• Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)

• Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies

• FTC slaps penalty for leaking sensitive health data to Facebook

• The network effect: The secret weapon for smart manufacturing

• OpenAI’s ChatGPT Can Exploit Real Vulnerabilities By Reading Advisories

• Recent OT And Espionage Attacks Linked To Russia’s Sandworm, Now Named APT44

• Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts

• Ivanti Patches 27 Vulns In Avalanche MDM Product

• Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards

• USENIX Security ’23 – Two Sides Of The Shield: Understanding Protective DNS Adoption Factors

• Linux Cerber Ransomware Variant Exploits Atlassian Servers

• Judge Dismisses Some Harm Claims Against Meta, Zuckerberg

• The Blink Mini 2 is seeing its first ever discount at 25% off

• Is a VPN Really Worth It in 2024?

• Armis Acquires Silk Security for $150 Million

• Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology

• Are VPNs Undertaking To Oversee All Digital Security?

• North Korean Group Kimsuky Exploits DMARC and Web Beacons

• $400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin

• What should Security Operations teams take away from the IBM X-Force 2024 Threat Intelligence Index?

• Sysreptor – Offensive Security Reporting Solution For Pentesters

• Keeper Security Offers Built-In Passphrase Generator to Strengthen Security

• US Government and OpenSSF Partner on New SBOM Management Tool

• Google Begins Removal Of California News Ahead Of Proposed Law

• Human Risk: An Organisation’s Biggest Problem and Greatest Opportunity

• Counting the Cost: $9.2 Trillion Annual Impact of Cybercrime Looms

• Hackers Use GitHub Search to Deliver Malware

• Tim Cook Says Apple Considering Factory In Indonesia

• Ivanti Warns of Critical Flaws in Its Avalanche MDM Solution

• Exploit code for Palo Alto Networks zero-day now public

• Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks

• Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks

• The Digital Future Needs Cybersecurity Leaders

• Access Limitless Global Content: How Residential Proxies Enable It

• AI for Risk Discovery: 10 Ways to Make it Work For You

• Russia is Trying to Sabotage European Railways, Czech Minister Said

• From CEO Alan Shimel: Futurum Group Acquires Techstrong Group

• What to Take into Consideration When Choosing a SAST Tool for Your Business

• FGVulDet – New Vulnerability Detector to Analyze Source Code

• Cerber Linux Ransomware Exploits Atlassian Servers to Take Full Control

• 8 data protection challenges and how to prevent them

• New Bill Would Create a Governing Body for Water System Cyber Standards

• Russian Sandworm Group Using Novel Backdoor to Target Eastern and Central Europe

• Hybrid Working is Changing How We Think About Security

• Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44

• Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities

• Virtual Event Today: Ransomware Resilience & Recovery Summit

• Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product

• North Korean Hackers Abuse DMARC To Legitimize Their Emails

• The Rise of Weaponized Software: How Cyber Attackers Outsmart Traditional Defenses

• National Security at Risk: The CFPB’s Battle Against Data Brokers

• Armis acquires Silk Security for $150 million

• OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal

• Supercharging Cisco XDR with AI and Identity Intelligence at RSAC 2024

• DAST Scanner: New features and improvements

• Cyber Security Today, April 17, 2024 – More suspicious attempts to take over open source projects, a data theft at a Cisco Duo partner, and more

• GenAI: A New Headache for SaaS Security Teams

• Application Security Optimised for Engineering Productivity

• L00KUPRU Ransomware Attackers discovered in the wild

• Ivanti fixed two critical flaws in its Avalanche MDM

• Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release

• Oracle Patches 230 Vulnerabilities With April 2024 CPU

• Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

• Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

• Oracle Releases Biggest Security Update in 2024 – 372 Vulnerabilities Are Fixed – Update Now!

• Flyfish Review – How Reliable are this Company’s Payroll Management Solutions?

• Several GTKWave Vulnerabilities Fixed in Debian

• EU Elections: Pro-Russian Propaganda Exploits Meta’s Failure to Moderate Political Ads

• Google Chrome: Security and UI Tips You Need to Know

• Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

• T-Mobile, Verizon Workers Get Texts Offering $300 for SIM Swaps

• OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories

• HTTP/2 Vulnerability: Protect Web Servers from DoS Attacks

• Unveiling the Risks and Rewards of Exposing Your Data | Eureka Security

• Ahoi Attacks: A New Threat to Confidential VMs in the Cloud

• Canada To Implement Digital Services Tax This Year

• Cisco Warns Of Massive Brute-Force Attacks Targeting VPNs & SSH Services

• Outlook Login Panel Themed Phishing Attack Evaded All Antivirus Detections

• Vorlon is trying to stop the next big API breach

• SoumniBot: the new Android banker’s unique techniques

• Cyberattacks Surge 325% in Philippines Amid South China Sea Standoff

• Navigating AI and Cybersecurity: Insights from the World Economic Forum (WEF)

• Update: Researchers Released Exploit Code for Actively Exploited Palo Alto Networks PAN-OS Bug

• Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

• Ivanti Patches Two Critical Avalanche Flaws in Major Update

• Misinformation and Hacktivist Campaigns Targeting the Philippines Skyrocket

• BreachForums Down, But Not Out: Hackers Claim Attack, Admins Remain Unfazed

• Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

• Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites

• Operation MidnightEclipse: Hackers Actively Exploiting Palo Alto Networks Zero-Day Flaw

• Tor Browser 13.0.14 Released – What’s New!

• What is the U.S. Cyber Trust Mark?

• Iran Launched A Major Cyberattack Against Critical Infrastructure In Israel

• INC Ransom Group Exfiltrates Data Before Encrypting & Threatens Public Exposure

• Google Ads for Bitbucket.org – malvertising at its best

• Implementing ISO 27001:2022 Annex A.15 – Supplier Relationships

• New Android Malware Mimic Google Chrome to Steal Banking Details

• From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering

• Russian Sandworm Group Using Novel Backdoor to Target Ukraine and Allies

• Empowering Change: Using Your Influence to Confront the Climate Crisis

• Understanding CAT Culture in Cybersecurity: Collaboration, Awareness, and Training

• Researchers released exploit code for actively exploited Palo Alto PAN-OS bug

• Malicious PDF File Used As Delivery Mechanism, (Wed, Apr 17th)

• Cyber Threat from Remember Me Checkbox

• Japanese government rejects Yahoo! infosec improvement plan

• Cisco warns of large-scale brute-force attacks against VPN and SSH services

• Thinking outside the code: How the hacker mindset drives innovation

• Cybersecurity jobs available right now: April 17, 2024

• Damn Vulnerable RESTaurant: Open-source API service designed for learning

• LightSpy Hackers Target Indian Apple Device Users To Steal Sensitive Data

• IT and security professionals demand more workplace flexibility

• Understanding next-level cyber threats

• ISC Stormcast For Wednesday, April 17th, 2024 https://isc.sans.edu/podcastdetail/8942, (Wed, Apr 17th)

• Fire in the Cisco! Networking giant’s Duo MFA message logs stolen in phish attack

• Most developers have adopted devops, survey says

• Fire in the Cisco! Networking giant’s Duo MFA leaks message logs

• The Future of Business Communications: Trends Shaping the Industry

• What are Identity Providers (IdP)?

• IT Security News Daily Summary 2024-04-16

• Palo Alto Networks GlobalProtect exploit public and widely exploited CVE-2024-3400, (Tue, Apr 16th)

• Simeio Returns to Compete in 2024 ‘ASTORS’ Awards with Simeio OI

• ShadowRay Vulnerability: 6 Lessons for AI & Cybersecurity

• MGM says FTC can’t possibly probe its ransomware downfall – watchdog chief Lina Khan was a guest at the time

• Facebook Oversight Board Will Investigate Deepfake Porn Problem

• Speaking Freely: Lynn Hamadallah

• How Political Campaigns Use Your Data to Target You

• Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse

• PuTTY SSH Client flaw allows of private keys recovery

• Top Officials Again Push Back on Ransom Payment Ban

• Americans Deserve More Than the Current American Privacy Rights Act

• New Vulnerability “LeakyCLI” Leaks AWS and Google Cloud Credentials

• How to conduct security patch validation and verification

• A crypto wallet maker’s warning about an iMessage bug sounds like a false alarm

• Tell the FCC It Must Clarify Its Rules to Prevent Loopholes That Will Swallow Net Neutrality Whole

• Navigating the Cyber Typhoon: Safeguarding Data Amidst US-China Geo-Political Tensions.

• How to Remove Malware From a Mac or PC

• Trustifi’s Email Security Awareness Training – Empowering MSPs to Train & Protect Clients

• Proactive Threat Detection: Introducing Threat Hunting Essentials

• Cybersecurity Compliance: Understanding Regulatory Frameworks

• SIM Swappers Try Bribing T-Mobile and Verizon Staff $300

• US Think Tank Struck by Cyberattack

• Report: Bad Bots Drive 10% Annual Surge in Account Takeover Attacks

• US Senate to Vote on a Wiretap Bill That Critics Call ‘Stasi-Like’

• XZ Utils might not have been the only sabotage target, open-source foundations warn

• The best VPN deals right now

• Gen AI training costs soar yet risks are poorly measured, says Stanford AI report

• Evolution Equity Partners raises $1.1B for new cybersecurity and AI fund

• FTC Bans Online Mental Health Firm From Sharing Certain Data

• Alleged cryptojacker accused of stealing $3.5M from cloud to mine under $1M in crypto

• Critical PuTTY Vulnerability Allows Secret Key Recovery

• Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit

• MixMode Launches Advanced AI-Powered Attack Detection Prioritization

• Online Health Firm Cerebral to Pay $7 Million for Sharing Private Data

• PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)

• Cyber Attack on Cisco Duo breaches its multifactor authentication

• Microsoft will Limit Exchange Online Bulk Emails to Fight Spam

• Speedify VPN Review: Features, Security & Performance

• SIM swap crooks solicit T-Mobile US, Verizon staff via text to do their dirty work

• Rockwell Automation ControlLogix and GuardLogix

• Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread

• Blackjack Group Used ICS Malware Fuxnet Against Russian Targets

• Report: Microsoft Most Impersonated Brand in Phishing Scams

• Data Loss Prevention: Best Practices for Secure Data Management

• USENIX Security ’23 – Account Verification on Social Media: User Perceptions and Paid Enrollment

• Ban the Scan – Is Facial Recognition a Risk to Civil Liberties?

• Cisco Duo provider breached, SMS MFA logs compromised

• OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

• Electrolink FM/DAB/TV Transmitter

• Measuresoft ScadaPro

• Answering the Executive “Why” and “What” for Full-Stack Observability

• Celebrating Cisco’s AI Differentiation and Our Engineers During World Creativity & Innovation Week

• New SteganoAmor Attacks Use Steganography to Target 320 Organizations Globally

• Law Firm to Pay $8M to Settle Health Data Hack Lawsuit

• Cloud Users Warned of Data Exposure Risk From Command-Line Tools

• Cryptojacker Arrested, Charged for Defrauding Cloud Providers of $3.5 Million

• Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges

• Resilient Together, Highlighting the Importance of Emergency Communications

• OT security vendor Nozomi Networks lands Air Force contract

• AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs

• TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks

• Omni Hotels says customers’ personal data stolen in ransomware attack

• A renewed espionage campaign targets South Asia with iOS spyware LightSpy

• AI Watchdog Defends Against New LLM Jailbreak Method

• Delinea Scrambles To Patch Critical Flaw After Ignoring Researcher

• Cryptojacker Arrested For Defrauding Cloud Providers Of $3.5 Million

• Google Location Tracking Deal Could Be Derailed By Politics

• Open sourcerers say suspected xz-style attacks continue to target maintainers

• Tanium Automate reduces manual processes for repeatable tasks

• Vercara UltraEdge offers protection against internet-based threats

• Obtaining security clearance: Hurdles and requirements

• IMF Warns of Potential Bank Runs Triggered by Cyber Attacks

• Report Suggests 93% of Breaches Lead to Downtime and Data Loss

• QUIC Server Preview Branch Available for Testing and Feedback

• Guardz Welcomes SentinelOne as Strategic Partner and Investor to Boost Cybersecurity Defenses for SMBs

• Misinformation and hacktivist campaigns targeting the Philippines skyrocket

• Pentest People Becomes the First Leeds-based Cybersecurity Company to Achieve NCSC’s Cyber Advisor (Cyber Essentials) Accreditation

• Giant Tiger breach sees 2.8 million records leaked

• A Crash Course in Hardware Hacking Methodology: The Ones and Zeros

• AI Helps Security Teams, But Boosts Threats

• The Hidden Risk of Airport Phone Charging Stations and Why You Should Avoid It

• Roku Security Breach Exposes Over 500,000 User Accounts to Cyber Threats

• Data-Stealing Malware Infections Surge by 600% in Three Years, Kaspersky Reports

• Cybersecurity Crisis: Small Firms Rank Attacks as the Greatest Business Risk

• New open-source project takeover attacks spotted, stymied

• LeakyCLI Flaw Exposes AWS and Google Cloud Credentials

• Global Hack Exposes Personal Data: Implications & Privacy Protection – Axios Security Group

• OpenSSF Warns of Fake Maintainers Targeting JavaScript Projects

• Connect:fun Attacking Organizations Running Fortinet’s FortiClient EMS

• Omni Hotels & Resorts Hack: Attackers have Stolen Customer Information

• Securing the Financial Sector with Check Point Infinity Global Services

• Change Healthcare’s ransomware attack costs edge toward $1B so far

• Hacker Conversations: Kevin O’Connor, From Childhood Hacker to NSA Operative

• Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation

• Personal Data Exposed in Massive Global Hack: Understanding the Implications & Guarding Privacy- Axios Security Group

• The best AirTag wallets of 2024: Expert tested and recommended

• Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials

• TA558 Hackers Compromised 320+ Organizations’ FTP & SMTP Servers

• Synergizing Advanced Identity Threat Detection & Response Solutions

• Omni Hotels Says Personal Information Stolen in Ransomware Attack

• You Against the World: The Offenders Dilemma

• Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare

• Knowledge & Research Security

• GuidePoint Security introduces IoT Security Assessment

• Atlas VPN Review (Updated for 2024)

• Who Stole 3.6M Tax Records from South Carolina?

• Sectigo SCM Pro automates certificate management

• Identity in the Shadows: Shedding Light on Cybersecurity’s Unseen Threats

• Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

• Microsoft Most Impersonated Brand in Phishing Scams

• Blackjack Hackers Destroyed 87,000 Sensors Using Lethal ICS Malware

• X.com Automatically Changing Link Text but Not URLs

• Google location tracking deal could be derailed by politics

• Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt

• Russia is trying to sabotage European railways, Czech minister said

• IDnow VideoIdent Flex blends AI technology with human interaction

• Rolling Back Packages on Ubuntu/Debian, (Tue, Apr 16th)

• Hong Kong Approves Bitcoin, Ether ETFs

• Open Source Groups Warn Of Ongoing Attacks

• FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations

• Open Source Leaders Warn of XZ Utils-Like Takeover Attempts

• Better application networking and security with CAKES

• Casting a Cybersecurity Net to Secure Generative AI in Manufacturing

• SCM and NERC: What You Need to Know

• Bad Bots Drive 10% Annual Surge in Account Takeover Attacks

• Apple Loses Smartphone Crown To Samsung Amidst China Pressure

• Trump Media Shares Buckle Over Secondary Offering Plans

• Cisco Duo Data Breach: Hackers Stolen VoIP & SMS for MFA

• Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown

• Apple’s Tim Cook Visits Vietnam Amidst China Troubles

• Android: Banking trojan masquerading as Chrome

• Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

• Five Key Takeaways from the 2024 Imperva Bad Bot Report

• NSA, CISA & FBI Released Best Practices For AI Security Deployment 2024

• Critical RCE Vulnerability in 92,000 D-Link NAS Devices

• LockBit 3.0 ransomware customized version now used to attack Global Firms

• 5 free red teaming resources to get you started

• Audio deepfakes: What they are, and the risks they present

• AI set to enhance cybersecurity roles, not replace them

• 31% of women in tech consider switching roles over the next year

• ISC Stormcast For Tuesday, April 16th, 2024 https://isc.sans.edu/podcastdetail/8940, (Tue, Apr 16th)

• IntelBroker Claims Space-Eyes Breach, Targeting US National Security Data

• 2024-04-15: Contact Forms campaign leads to SSLoad malware

• Quick Palo Alto Networks Global Protect Vulnerablity Update (CVE-2024-3400), (Mon, Apr 15th)

• The ONE Thing All Modern SaaS Risk Management Programs Do

• US Awards $6.4bn To Samsung For Expanded Texas Chip Production

• CISA in a flap as Chirp smart door locks can be trivially unlocked remotely

• Key software patch testing best practices

• IT Security News Daily Summary 2024-04-15

• 4 types of cloud security tools organizations need in 2024

• Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

• Cisco Duo warns telephony supplier data breach exposed MFA SMS logs

• D3 Security at RSAC 2024: Streamline Your Security Operations with Smart SOAR

• Change Healthcare stolen patient data leaked by ransomware gang

• Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

• The Race Against the Hackers: How the OffSec Cyber Ranges Keep You Ahead

• Vulnerability Summary for the Week of April 8, 2024

• Collaborative Scheduling: Enhancing Team Coordination With Open-Source Tools

• Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

• A ransomware gang is leaking Change Healthcare’s stolen patient data

• Coding for a Greener Tomorrow: Developer Sustainability Week Takes Center Stage

• MY TAKE: GenAI revolution — the transformative power of ordinary people conversing with AI

• Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs

• Roku: Credential Stuffing Attacks Affect 591,000 Accounts

• Data protection vs. security vs. privacy: Key differences

• Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor

• Joint Guidance on Deploying AI Systems Securely

• Adapting to the Deluge of Cybersecurity Data

• Tesla Cuts More Than 10 Percent Of Workforce

• Zscaler to Acquire Airgap Networks to Segment Endpoint Traffic

• Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw

• Tesla To Lay Off ‘More Than 10 Percent’ Of Workforce

• Ex-Security Engineer Gets Three Years in Prison for $12 Million Crypto Hacks

• Russia and Ukraine Top Inaugural World Cybercrime Index

• Nexperia Ransomware attack and some details about American hackers spreading ransomware

• Delinea Secret Server Customers Should Apply Latest Patches

• Roku Makes 2FA Mandatory For All After Nearly 600k Accounts Pwned

• Palo Alto Networks Releases Fixes For Firewall Zero-Day As Attribution Attempts Emerge

• Ransomware Group Claims Theft Of Data From Chipmaker Nexperia

• Juniper Networks Publishes Dozens Of New Security Advisories

• When Security Collides with Customer Impatience

• Roku makes 2FA mandatory for all after nearly 600K accounts pwned

• CISA Directs Affected Agencies to Mitigate Risks Arising from Microsoft Breach

• Data Exposure Incident: iCabbi’s Security Breach

• Meet With OpenSSL at RSA Conference 2024

• Crickets from Chirp Systems in Smart Lock Key Leak

• Ransomware Group Claims Theft of Data From Chipmaker Nexperia

• NightVision Raises $5.4 Million for Application Security Testing

• Second Largest Employer Amazon Opts For Robots, Substituting 100,000 Jobs

• New LockBit Variant Exploits Self-Spreading Features

• $1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin

• The Journey: Quantum’s Yellow Brick Road

• New Report from Match Systems Sheds Light on Central Bank Digital Currencies (CDBC)

• Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks

• CISA adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog

• Nationwide Scam Targets Road Toll Users via SMS Phishing Scheme

• Apple Steps Up Spyware Alerts Amid Rising Mercenary Threats

• Navigating the Complex Landscape of Cyber Threats: Insights from the Sisense Breach and North Korean Tactics

• Palo Alto Networks Zero-Day Flaw Exploited in Targeted Attacks

• Software Support: 7 Essential Reasons You Can’t Overlook

• Delinea Secret Server customers should apply latest patches

• TechRepublic’s Review Methodology for VPNs

• Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure

• Juniper Networks Publishes Dozens of New Security Advisories

• Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks

• AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

• Microsoft and Google Top the List in Q1 2024 Phishing Attacks: Check Point Research Highlights a Surge in Cyber Threats

• #MIWIC24 Cyber Marketeer of the Year: Laura Reilly

• Texting Secrets: How Messenger Apps Guard Your Chats

• US senator wants to put the brakes on Chinese EVs

• What’s Next in Cortex — XSIAM for Cloud and Other Innovations

• Cyber Security Today, April 15, 2024 – Act fast to a plug hole in Palo Alto Networks firewall, Canadian comedy festival loses over $800K in email scam, and more

• Chipmaker Giant Nexperia Confirms Cyber-Attack Amid Ransomware Group Claims

• Threat actors exploited Palo Alto Pan-OS issue to deploy a Python Backdoor

• Privacera adds access control and data filtering functionality for Vector DB/RAG

• Microsoft April Patch Tuesday Fixes Dozens of RCE Flaws

• Invision Community Vulnerabilities Risk E-Commerce Websites

• How Artificial Intelligence Technology Affects Fintech Companies & The Financial Industry

• FBI and AFP Arrest Alleged Developer, Marketer of Firebird/Hive RAT

• Cisco Telemetry Broker (CTB) 2.1 Launch

• Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge

• Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges

• Two People Arrested in Australia and US for Development and Sale of Hive RAT

• Vulnerable Villain: When Hackers Get Hacked

• A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

• Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution

• New Lattice Cryptanalytic Technique

• eBook: Why CISSP?

• How to freeze your credit (and why you might want to)

• The US Government Has a Microsoft Problem

• Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

• Deepfake pornography explosion

• Palo Alto Networks Fixes Critical Zero-Day Vulnerability in PAN-OS

• Huawei To Sell Laptop With Latest Intel Core Ultra AI Chip

• Deepfakes: More Than Skin Deep Security

• Huawei Building Massive Chip R&D Centre In Shanghai

• Using the LockBit builder to generate targeted ransomware

• Linux Backdoor Infection Scare, Massive Social Security Number Heist

• Scale Your Security with vCISO as a Service

• OpenAI Chief Altman Pitches ChatGPT At Corporate Events

• OpenAI Fires Two Researchers Over Information Leaks

• LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

• Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

• FBI Warns of Massive Toll Services Smishing Scam

• How to Safeguard Your Data Through Security Awareness Training?

• ITRC’s 2023 Data Breach Report Is a Mixed Bag

• What Is an Axon Agent, and Why Do You Need One?

• Understanding ISO 27001:2022 Annex A.14 – System Acquisition, Development, and Maintenance

• Police Swoop on €645m Cannabis Investment Fraud Gang

• Elon Musk To Meet India’s Modi Over Import Deal

• Apple Nears Production Of AI-Focused M4 Chip

• Identifying third-party risk

• ShadowDragon Horizon enhancements help users conduct investigations from any device

• Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

• A week in security (April 8 – April 14)

• MPs: Government ‘Should Use TikTok’ To Reach Young People

• U.S. and Australian police arrested Firebird RAT author and operator

• This Startup Aims To Simplify End-to-End Cybersecurity, So Anyone Can Do It

• LightSpy Malware Attacking Android and iOS Users

• Streaming service ROKU witnessed 500K customers data leak

• The Drive Behind AI Companies Developing Their Own Processors: Safeguarding Data Security

• Microsoft publishes new Registry security mitigation for Intel processors (Spectre)

• Geopolitical tensions escalate OT cyber attacks

• How to protect IP surveillance cameras from Wi-Fi jamming

• Exposing the top cloud security threats

• How Israel Defended Against Iran’s Drone and Missile Attack

• Zarf: Open-source continuous software delivery on disconnected networks

• Expand your library with these cybersecurity books

• How Israel Defended Itself Against Iran’s Drone and Missile Attack

• US House approves FISA renewal – warrantless surveillance and all

• IT Security News Weekly Summary – Week 15

• IT Security News Daily Summary 2024-04-14

• Facebook Testing Tools To Auto-Blur Nudity In Teens’ DMs

• Deciphering Metrics: From NCAA Women’s Basketball to Cyber Trends

• USENIX Security ’23 – How to Bind Anonymous Credentials to Humans

• Apple Alerts iPhone Users of ‘Mercenary Attack’ Threat

• Canadian retail chain Giant Tiger data breach may have impacted millions of customers

• Upcoming Speaking Engagements

• Iranian Hackers Use New C2 Tool ‘DarkBeatC2’ in Recent Operation

• Is Facial Biometrics the Future of Digital Security?

• How Israel Fended Off Iran’s Drone and Missile Attack

• The Silent Flaw: How a 6-Year-Old BMC Vulnerability Went Unnoticed

• 300 Strikes: Fort Worth’s Battle Against the Medusa Gang

• Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION

• Delinea has cloud security incident in Thycotic Secret Server gaff

• Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days

• How to track and stop CVE-2024-3400: Palo Alto Devices API Exploit Causing Critical Infrastructure and Enterprise Epidemics

• Red Hat Enterprise Linux 7: End of compliance content on June 30, 2024

• How Israel Is Defending Against Iran’s Drone Attack

Generated on 2024-04-21 23:58:26.510829