IT Security News Weekly Summary – Week 30

• IT Security News Daily Summary 2024-07-28

• French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

• USENIX Security ’23 – Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages

• KnowBe4 Avoids Data Breach After Hiring North Korean Hacker

• Eliminating the Last Mile Between Security Data and Decision Making

• Security Affairs Malware Newsletter – Round 4

• Security Affairs newsletter Round 482 by Pierluigi Paganini – INTERNATIONAL EDITION

• Indian Govt Confirms BSNL User Data Breach

• Report: Spyware Maker’s Data Leak Exposes Malware Used on Windows, Mac, Android, and Chromebook Devices

• CyberCartel: Latest Banking Trojan Threat in Chrome Extensions

• Cyber Heist: Rs 40 Crore Taken from IndusInd Bank

• The best laptop docking stations in 2024: Expert tested and reviewed

• Artificial Intelligence in 2024

• Apple may be cooking something big with its new Game Mode. Here are 3 things we know

• One of the best e-readers I’ve tested is an Android phone dupe that’s full of wonder

• One of the best rugged Android phones I’ve tested is also one of the cheapest

• Week in review: CrowdStrike-triggered outage insights, recovery, and measuring cybersecurity ROI

• IT Security News Daily Summary 2024-07-27

• Ukraine’s cyber operation shut down the ATM services of major Russian banks

• Create Your Own BSOD: NotMyFault, (Sat, Jul 27th)

• North Korean Hacker Indicted for Cyber Attacks on U.S. Hospitals, NASA, and Military Bases

• Telegram Users Cross 900 Million, Company Plans to Launch App Store

• The best cheap gaming PCs of 2024: Expert recommended

• USENIX Security ’23 – Hiding in Plain Sight: An Empirical Study of Web Application Abuse in Malware

• Teen Hacker Linked to Hacking of Government Agencies, School Websites

• Hacker Alleges Theft of Piramal Group’s Employee Data; Company Denies Breach as “Erroneous and Misleading”

• Pharmacy Network Sues Change Healthcare Post-Cyberattack

• Get this top-rated 12-in-1 electric screwdriver for $60!

• This 3-in-1 MagSafe charger is my new favorite travel accessory, it supports Qi2

• This power station has an irreplaceable emergency feature

• This portable power station has a standout feature that makes camping safer

• The Jackery Explorer 1000 is one of the best portable power stations

• Stop X’s Grok AI From Training on Your Tweets

• I can’t recommend this rugged power station enough to drone users, and it’s now $300 off

• One of the most durable power stations I’ve tested is not made by Anker or Jackery

• Get 50% off a Sam’s Club membership – here’s how

• Unlocking the Power of Behavioral Cloud Native Threat Detection and Response

• 3,000 Fake GitHub Accounts Used to Spread Malware in Stargazers Ghost Scheme

• These $50 earbuds blew me away with stunning sound and plenty of comfort

• The best GaN chargers of 2024: Expert tested

• 5 Linux commands for better group management (and how to use them)

• Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe

• Buy a one-year subscription to Microsoft 365 for $45

• This Dell Inspiron is one of the most versatile, well-rounded laptops I’ve tested

• Navigating the Impact of Major IT Outages: Lessons from the CrowdStrike Incident

• This cheap fix made my Google Pixel Buds Pro sound better than ever

• French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

• Unveiling the Latest Banking Trojan Threats in Latin America

• Cybersecurity Today Week in Review: CrowdStrike and more.

• Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

• Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

• FAQ: How Are STIGs, SRGs, SCAP, and CCIs Related?

• A bug in Chrome Password Manager caused user credentials to disappear

• Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

• IT Security News Daily Summary 2024-07-26

• Friday Squid Blogging: Sunscreen from Squid Pigments

• The best Alexa devices of 2024: Expert tested and recommended

• These transparent earbuds by Nothing made my AirPods look and sound boring

• This Asus Copilot+ PC has one of the best displays I’ve seen on a laptop (and it exudes premium)

• How to calibrate your TV for the best picture quality – 2 easy and simple methods

• Apple reports iCloud Private Relay global outages for some users

• Negotiate Your Next Cyber Insurance Policy With This 6-Step Playbook

• 5 Innovative Cybersecurity Measures App Developers Should Incorporate in the Digital Transformation Race

• CrowdStrike meets Murphy’s Law: Anything that can go wrong will

• AI and Vulnerability Management: Industry Leaders Show Positive Signs

• EvilVideo Exploit: Telegram Zero-Day Vulnerability Allows Disguised APK Attacks

• Google Backtracks on Cookie Phaseout: What It Means for Users and Advertisers

• Researcher says deleted GitHub data can be accessed ‘forever’

• Chainguard Raises $140M to Drive AI Support, Global Growth

• Researchers Warn of Increased Cyberterrorism Activity Targeting Paris Olympics

• Scams to steer clear of as a college student, from a college student

• Effortless certificate management with automated CNAME validation

• National Defense University Cyber Professor Tapped as ONCD Deputy Director

• PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’

• Ledger Flex: Secure self-custody with E Ink touchscreen display

• Your industrial network is not a commodity: it is strategic to your success

• Compromising the Secure Boot Process

• The Most Urgent Security Risks for GenAI Users are all Data-Related

• How to build a CA hierarchy across multiple AWS accounts and Regions for global organization

• Crowdstrike Threat Intelligence data leaked by hackers

• What is a computer exploit?

• 8 Benefits of Endpoint Detection & Response (EDR) You Should Know [2024]

• Software Maker MCG Health Settles Data Breach Suit for $8.8M

• How To Secure Your Angular Apps: End-To-End Encryption of API Calls

• Learn a new language with a Babbel subscription for 76% off

• The best TVs for PS5 of 2024: Expert tested

• One of the best budget Android tablets I’ve tested is not made by Samsung or Google

• Fortinet Training Institute Expands Cyber Education Opportunities for Veterans

• How Cyber Insurance Coverage is Evolving

• Meta takes down 63,000 sextortion-related accounts on Instagram

• Are We Ready For The Next Major Global IT Outage? Here’s All You Need to Know

• ERP Firm Data Breach Exposes Over 750 Million Records

• California’s Major Trial Court Falls Victim to Ransomware Attack

• Planting Trees in India: Green Team #GenerationRestoration

• Google Chrome Modifies Privacy Sandbox To Allow Cookies

• OpenAI Tests Search Engine Prototype Called ‘SearchGPT’

• My favorite accessory for DIY projects has a useful LED screen – and it’s game-changing

• Elon Musk’s X now trains Grok on your data by default – here’s how to opt out

• Belarus-linked Hackers Target Ukrainian Organizations with PicassoLoader Malware

• Digital Apartheid in Gaza: Unjust Content Moderation at the Request of Israel’s Cyber Unit

• IAM for MSPs Provider Evo Security Raises $6 Million

• CrowdStrike CEO: 97 Percent Of Windows Sensors Back Online

• The best bone conduction headphones of 2024: Expert tested and reviewed

• I replaced my Nest with this Arlo 2K video doorbell, and it’s perfect for smart home beginners

• Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain

• What to expect from Made by Google 2024: Pixel 9 Pro Fold, Watch, Android 15, AI, and more

• We’ve entered the era of the smart ring. Here’s why it will shake up the wearables market

• BitLocker workaround may offer aid for CrowdStrike customers

• ServiceNow RCE Flaws Actively Exploited by Threat Actors to Steal Credentials

• How CISOs Enable ITDR Approach Through the Principle of Least Privilege

• Malicious Inauthentic CrowdStrike Falcon Crash Reporter Installer Distributed to German Entity

• Progress discloses second critical flaw in Telerik Report Server in as many months

• This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

• Hacktivists Claim Leak of CrowdStrike Threat Intelligence

• SeleniumGreed Cryptomining Campaign Exploiting Publicly Exposed Grid Services

• Buy a Costco membership and get a $40 gift card, free. Here’s how

• US Indicts Alleged North Korean State Hacker for Ransomware Attacks on Hospitals

• Suspect Indicted in North Korea Group’s Expansive Spying Operation

• Sheltering from the Cyberattack Storm

• A North Korean Hacker Tricked a US Security Vendor Into Hiring Him—and Immediately Tried to Hack Them

• Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks

• ExelaStealer Delivered “From Russia With Love”, (Fri, Jul 26th)

• I’ve tried a zillion desktop distros – it doesn’t get any better than Linux Mint 22

• The best humidifiers of 2024: Expert tested and reviewed

• The best iPads for college students in 2024: Expert tested and reviewed

• BIND updates fix four high-severity DoS bugs in the DNS software suite

• Thread Name-Calling: Using Thread Name for Offense

• Senator: Top Banks Only Reimburse 38% of Unauthorized Claims

• Elon Musk To Discuss $5 Billion xAI Investment With Tesla Board

• Europe Is Pumping Billions Into New Military Tech

• ZeroTier raises $13.5M to help avert CrowdStrike-like network problems

• Critical ServiceNow RCE Flaws Actively Exploited to Steal Credentials

• CrowdStrike Disruption Direct Losses to Reach $5.4B for Fortune 500, Study Finds

• Offensive AI: The Sine Qua Non of Cybersecurity

• US Charges North Korean Hacker for Ransomware Attacks on Hospitals

• OpenAI Launches SearchGPT Prototype

• Buy a Windows 11 Pro license for $25 right now

• DTX + UCX London is back: Global brands, cutting-edge technology and world-renowned speakers take centre stage

• In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison

• Despite Bans, AI Code Tools Widespread in Organizations

• Scam Attacks Taking Advantage of the Popularity of the Generative AI Wave

• North Korean Hackers Targeted KnowBe4 with Fake IT Worker

• North Korean Hackers Target Critical Infrastructure for Military Gain

• Progress Software Fixed Critical Flaw in Telerik Report Server

• Google Chrome Now Asks for Passwords To Scan Protected Archives

• PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models

• Cybersecurity News: Microsoft Defender exploited, assassin’s encryption frustration, NK elite hackers

• Security Serious Unsung Heroes Awards 2024 open for nominations

• SocGholish: Fake Update Puts Visitors at Risk

• Happy System Administrator Appreciation Day 2024

• Master Cybersecurity With The Complete CompTIA Security+ SY0-701 Certification Kit by IDUNOVA

• Email Gateway Security Gaps Enable New Malware Tactics

• Patchwork Group Found Using Brute Ratel C4 and an Enhanced Version of PGoShell Backdoor

• Mimecast Acquires Veteran Data Security Firm Code42

• Onyx Sleet uses array of malware to gather intelligence for North Korea

• U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

• 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses

• Deepfake Attacks Prompt Change in Security Strategy

• Networking Equipment Riddled With Software Supply Chain Risks

• North Korean chap charged for attacks on US hospitals, military, NASA – and even China

• Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

• The Role of DDoS Stress Testing in DDoS Protection

• Bridging the Expertise Gap: Enhancing Cybersecurity Skills in Compliance Professionals

• Play & LockBit Ransomware Join Hands to Launch Cyber Attacks

• Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)

• North Korean state hacker infiltrates US security firm; Cybersecurity Today for Friday, July 26, 2024

• NHS Ransomware Attack leads to extreme blood shortage

• Harnessing Defensive AI: Safeguarding the Digital Realm

• CrowdStrike Warns of New Phishing Scam Targeting German Customers

• Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

• North Korean chap charged for attacks on US hospitals, miiltary, NASA – and even China

• Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

• AI-generated deepfake attacks force companies to reassess cybersecurity

• 16% of organizations experience disruptions due to insufficient AI maturity

• Most CISOs feel unprepared for new compliance regulations

• Changing the Passive to Active: Updating SaaS Cybersecurity Strategy with Threat Management

• North Korean chap charged for attacks on US hospitals, NASA – and even China

• New infosec products of the week: July 26, 2024

• ISC Stormcast For Friday, July 26th, 2024 https://isc.sans.edu/podcastdetail/9070, (Fri, Jul 26th)

• Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank

• CrowdStrike update blunder may cost world billions – and insurance ain’t covering it all

• Beware of fake CrowdStrike domains pumping out Lumma infostealing malware

• A Guide to Open Source Software

• How To Implement a Gateway With Spring Cloud

• IT Security News Daily Summary 2024-07-25

• Microsoft’s generative search engine weds something new, something old

• Join Our Webinar: Zero Trust and IAM – Building a Secure Future

• Learning from CrowdStrike’s Quality Assurance Failures

• Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server

• Google’s DeepMind AI takes home silver medal in complex math competition

• The best smartwatch for kids that I’ve tested is not an Apple Watch or Garmin

• OpenAI’s newly released GPT-4o mini dominates the Chatbot Arena. Here’s why.

• The best silent mouse of 2024: Expert tested and reviewed

• FYI: Data from deleted GitHub repos may not actually be deleted

• North Korean Charged in Ransomware Attacks on American Hospitals

• CCNA: What It Means to Me, What Awaits in Cisco U.

• Emulating the Prickly Cactus Ransomware

• Google, Microsoft, Others Support U.S.-Based Spyware Lawsuits

• OpenAI launches SearchGPT – here’s what it can do and how to access it

• An explanation of Flipper Zero

• The CrowdStrike Outage and Market-Driven Brittleness

• One of the most versatile video doorbells I’ve tested is not made by Ring or Nest

• Cyber travel scams: The biggest scams to be aware of when planning your next trip

• AI’s Rapid Code Development Outpaces Security Efforts

• The massive computer outage over the weekend was not a cyber attack, and I’m not sure why we have to keep saying that

• Amazon Developing Cheaper AI Chips – Report

• 5 reasons to work with the competition, according to business leaders

• Disney+, Hulu and Max streaming bundle is now available for almost 40% off

• Apple Smartphone Sales In China Drop 6.7 Percent, Canalys Finds

• 5 Linux commands for group management and how to use them

• How to install Windows 11 the way you want (and sneak by Microsoft’s restrictions)

• North Korean Hacker Group Targeting Healthcare, Energy Sectors

• ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions

• Uncle Sam accuses telco IT pro of decade-long spying campaign for China

• Researchers Claim Anyone Can Access Deleted, Private GitHub Repository Data

• Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads

• LangChain Gen AI Under Scrutiny Experts Discover Significant Flaws

• Meta Ordered To Clean Up AI-Generated Porn By Oversight Board

• Windows update may present users with a BitLocker recovery screen

• SEXi / APT Inc Ransomware – What You Need To Know

• Play Ransomware Group is Targeting VMWare ESXi Environments

• India’s Digital Rise Sees Alarming Surge in Online Scams Targeting the Elderly

• The best MP3 players of 2024

• I’m a diehard Pixel user, but I’m considering switching for 2 reasons (and I’m not alone)

• Skip the Apple Watch: Google’s Fitbit Ace LTE is the best smartwatch for your kids

• Google’s Gemini chatbot gets highly anticipated updates. Here’s what it means for you

• Critical bug in Docker Engine allowed attackers to bypass authorization plugins

• Comparative Analysis of Password Hashing Algorithms: Argon2, bcrypt, scrypt, and PBKDF2

• Ransomware shift from Cyber Espionage for North Korea

• One of the best foldable phones I’ve tested is not a OnePlus or Motorola

• Improving Data Center Energy Efficiency to Power the AI Revolution

• Cisco Partner Conversations: Delivering for our clients with NTT DATA

• [2024] 10 Qualys Alternatives That Should Be on Your Shortlist

• Life at Fortinet: The Various Career Pathways in Cybersecurity

• Critical Microsoft Zero-Day Vulnerability Exploited in the Wild for Over a Year

• Wordfence Intelligence Weekly WordPress Vulnerability Report (July 15, 2024 to July 21, 2024)

• The Essential Guide to Total Protection in Microsoft 365

• The Importance of Ethical Hacking in Cybersecurity

• Chinese SMS Phishing Group Hits iPhone Users in India Post Scam

• The best tablets of 2024: Expert tested and reviewed

• The best iPads of 2024: Expert tested and reviewed

• Join BJ’s Wholesale Club for $20 (reg. $55)

• Sophos XG vs Fortinet Fortigate: 2024 Firewall Comparison

• Siemens SICAM Products

• Positron Broadcast Signal Processor

• CISA Releases Two Industrial Control Systems Advisories

• Hacked, leaked, exposed: Why you should never use stalkerware apps

• Electronic Frontier Foundation to Present Annual EFF Awards to Carolina Botero, Connecting Humanity, and 404 Media

• North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

• What I learned from the ‘Microsoft global IT outage’

• Pilot VPC and Advanced NAT: Securely Connect Overlapping Networks to AWS VPC

• Forget Dyson: I tested Roborock’s wet-dry hand vacuum and it left my floors spotless

• This $45 mini screwdriver kit has a useful LED screen – and I highly recommend it

• Spotify wants you to get Deluxe, a more expensive version with lossless audio and other perks

• How technology is being used to help support environmental conservation

• E-rate Program Expanded, Plus Cisco Knowledge Hub Updates

• The Road to CTEM, Part 3: BAS vs. Other Validation Technologies

• Navigating Cybersecurity Legal Liabilities

• CrowdStrike Blames ‘Undetected Error’ For World’s Largest IT Outage

• Nexo Cements User Data Security with SOC 3 Assessment and SOC 2 Audit Renewal

• Threat Actors Claiming Leak of IOC list with 250M Data, CrowdStrike Responded

• Unveiling the latest banking trojan threats in LATAM

• How to turn on Private DNS Mode on Android – and what it can do for you

• Buy a 5-year subscription to AdGuard VPN for $40

• The best iPad Air cases of 2024: Expert tested

• We’ve entered the era of the smart ring. Here are 3 reasons why I couldn’t be more excited

• At the Olympics, AI Is Watching You

• TransparentTribe’s Spear-Phishing Targeting Indian Government Departments

• You should probably fix this 5-year-old critical Docker vuln fairly sharpish

• Ransomware and BEC Make Up 60% of Cyber Incidents

• Navigating Legal and Ethical Challenges in Web Scraping

• Google Chrome Warns of Malicious Files While Downloading

• Protecting Your Cloud Application Against Unknown Risks

• CrowdStrike outage explained: What caused it and what’s next

• AI Accelerates Code Development Faster Than Security Teams can Keep up

• BIND Updates Resolve High-Severity DoS Vulnerabilities

• Chainguard raises $140 million to strengthen open source software security

• Alphabet To Invest $5 Billion In Waymo Self-Driving Unit

• Data breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malware

• Phishing Campaign Targeting Mobile Users in India Using India Post Lures

• Report: Malware Attacks Surge 30% in First Half of 2024

• Deep Dive: Unveiling the Untold Challenges of Single Sign-On (SSO) Management

• Faulty Software Update Shuts Down Critical Infrastructure, Highlighting Major Risks

• The best noise-canceling earbuds of 2024: Expert tested and reviewed

• Get Microsoft Office for Windows or Mac for $25 right now

• The best foldable phones of 2024: Expert tested and reviewed

• Apple Maps is now on the web – here’s how you can use it, and not just for directions

• ‘Stargazer Goblin’ Amasses Thousands of Rogue GitHub Accounts to Spread Malware

• 5 Echo Show settings to change to make your smart display less annoying

• Kaspersky says Uncle Sam snubbed proposal to open up its code for third-party review

• At The 2024 Summer Olympics, AI Is Watching You

• Pro-Palestinian Actor Levels Six-Day DDoS Attack on UAE Bank

• Vanta Raises $150M Series C, Now Valued at $2.45B

• Docker fixes critical auth bypass flaw, again (CVE-2024-41110)

• Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication

• Data Wallets Using the Solid Protocol

• Major Russian Banks Hit with DDoS Attacks as Ukraine Claims Responsibility

• Lakera Raises $20 Million to Secure GenAI Applications

• Network of 3,000 GitHub Accounts Used for Malware Distribution

• Thawing Your Email Security Strategy with Frost’s 2024 Radar Report: A Dynamic Cyber Threat Landscape

• Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams

• 6 Types of Applications Security Testing You Must Know About

• I spent a week with Samsung’s Galaxy Z Flip 6. Here’s what you should know before buying one

• EDR vs. SIEM: What’s the difference?

• Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers

• Infisical: Open-source secret management platform – Help Net Security

• APT45: North Korea’s Digital Military Machine

• Akira Ransomware Gang targets Split Airport of Croatia

• Revolut Gains UK Banking Licence

• Buy a Microsoft Visual Studio Pro license for 90% off

• Echoes of Braodo Tales from the Cyber Underworld

• Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform

• Webinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser Security

• Cybersecurity Is a Communications Problem

• IR Trends: Ransomware on the rise, while technology becomes most targeted sector

• AI Tool Identifies BOLA Vulnerabilities in Easy!Appointments

• LummaC2 Malware Using Steam Gaming Platform as C2 Server

• Over Half of UK Workers Haven’t Received Training on Avoiding Phishing Scams

• Learning from CrowdStrike’s quality assurance failures

• Cybersecurity News: CrowdStrike details, Chrome keeps cookies, BreachForums leaked

• Google Boosts Chrome Protections Against Malicious Files

• Third-Party Cookies Stay: Google’s New Plan for Web Browsing Privacy

• CAST SBOM Manager automates creation and handling of SBOMs

• Malware Attacks Surge 30% in First Half of 2024

• Okta Browser Plugin Reflected Cross-Site Scripting CVE-2024-0981

• A Guide to Select the Best Operating System for NAS Data Recovery

• Most IT Leaders Say Severity of Cyber-Attacks has Increased

• Lakera raises $20 million to secure GenAI applications

• XWorm Hidden With Process Hollowing, (Thu, Jul 25th)

• Patch management still seemingly abysmal because no one wants the job

• BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements

• Ukraine Hackers Hit Major Russian banks with DDoS attacks

• Condo.com – 1,481,555 breached accounts

• Hacker claims theft of Piramal Group’s employee data

• New Chrome Feature Scans Password-Protected Files for Malicious Content

• Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins

• How CISOs enable ITDR approach through the principle of least privilege

• Explore Talent – 5,371,574 breached accounts

• Cloud security threats CISOs need to know about

• Researchers expose GitHub Actions workflows as risky and exploitable

• The most urgent security risks for GenAI users are all data-related

• Briefing: Negotiating States Must Address Human Rights Risks in the Proposed UN Surveillance Treaty

• How a cheap barcode scanner helped fix CrowdStrike’d Windows PCs in a flash

• ISC Stormcast For Thursday, July 25th, 2024 https://isc.sans.edu/podcastdetail/9068, (Thu, Jul 25th)

• The months and days before and after CrowdStrike’s fatal Friday

• Cybersecurity Firm KnowBe4 Tricked into Hiring North Korean Hacker as IT Pro

• Michigan Medicine data breach impacted 56953 patients

• Journalists Sue Massachusetts TV Corporation Over Bogus YouTube Takedown Demands

• Fatal timeline of CrowdStrike’s week from hell – Feb to now

• Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018

• Nvidia’s latest AI offering could spark a custom model gold rush

• IT Security News Daily Summary 2024-07-24

• NCSWIC’s Planning, Training, and Exercise Committee releases “Set Your PACE Plan” Flyer

• Buy Microsoft Project Pro or Microsoft Visio Pro for $20 right now

• U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

• Oops. Apple relied on bad code while flaming Google Chrome’s Topics ad tech

• KnowBe4 Unknowingly Hired Fake North Korean IT Worker

• Learn a new language with a Babbel subscription for 76% off right now

• Are You Configured for Failure?

• KnowBe4 Unknowingly Hires Fake North Korean IT Worker

• How Behavioral Biometrics Enhances Fraud Prevention

• The future of work: How Salesforce and Workday’s AI alliance will transform your office

• Meta Quest 3 is getting AI before Apple’s Vision Pro does – here’s how to enable it

• The best external hard drives of 2024: Expert tested

• How my 4 favorite AI tools help me get more done at work

• Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture

• Telcos given extra time to retire 3G networks

• Sign up for a Costco membership and get a $40 gift card, free. Here’s how

• Congratulations to the Top MSRC 2024 Q2 Security Researchers!

• I tested the 3 best VPNs for streaming ahead of the Summer Olympics

• How to watch the 2024 Summer Olympics: Every streaming option

• Upgrade to Windows 11 Pro for $25 right now

• Meet Stability AI’s Stable Video 4D, a nuanced take on AI video generation

• AT&T data breach: What’s next for affected customers?

• KnowBe4 catches North Korean hacker posing as IT employee

• Zest Security Aims to Resolve, Not Just Mitigate Cloud Risks

• NHS Staff Say New Tech Will Treat Extra 18.6 Million Patients A Year

• SAFECOM and NCSWIC Publish Fall 2023 Joint SAFECOM-NCSWIC Bi-Annual Meeting Executive Summaries

• The best MagSafe battery packs of 2024: Expert tested and reviewed

• How to enable Slack notifications on your Apple Watch

• Building cyber-resilience: Lessons learned from the CrowdStrike incident

• TracFone will pay $16 million to settle FCC data breach investigation

• One of the best E Ink tablets I’ve tested is not a ReMarkable or Kindle Paperwhite

• The best portable jump starters of 2024: Expert recommended

• 10 social media scams and how to avoid them

• LA County Superior Court Hit by Ransomware Attack

• Alphabet Q2 Beats Expectations, But Shares Dip

• This versatile Dell laptop surprised me with 3 standout features

• The best headphones for working out: Expert tested and reviewed

• OpenAI’s budget GPT-4o mini model is now cheaper to fine-tune, too

• F5: AI Applications Will Complicate ‘Unsustainable’ Hybrid Multicloud Sprawl in Australia

• Uncle Sam opens probe into CrowdStrike turbulence at Delta Air Lines

• ASP.NET Core Web Apps

• This AI-powered Linux terminal app can help you learn how to use commands

• Summer Olympics: What IT Teams Need to Do Before & During the Event for Their Businesses

• Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident

• State-Sponsored Cyber Threats: Daggerfly’s Upgraded Malware Toolkit

• Canada’s Oil and Gas Sector Faces Rising Cybersecurity Threats Amid Digital Transformation

• KnowBe4 targeted by North Korea with Insider Threat

• How Amazon can turn around its failing Alexa business in 4 steps

• One of the best work laptops I’ve tested is not a Lenovo ThinkPad or MacBook

• The best Kindle readers of 2024: Expert tested and reviewed

• 7 Best Business Antivirus Software Solutions in 2024

• ISC Releases Security Advisories for BIND 9

• CrowdStrike offers a $10 apology gift card to say sorry for outage

• OT/ICS and IoT Incident Response Plan

• AI Surveillance at Paris Olympics Raise Privacy Concerns

• Smishing Exposed How to Recognize Report and Prevent Text Message Scams

• Google Cancels Plan To Axe Third Party Cookies For Chrome Browser

• I can’t travel without this Anker GaN wall charger. Here’s why you shouldn’t either

• CrowdStrike: Buggy Validator Started Massive Outage

• Robot Dog Internet Jammer

• The best radar detectors: Expert recommended

• The sub-$50 earbuds I recommend most aren’t by Bose or Sony

• The best drones of 2024: Expert tested and reviewed

• Windows Patch Tuesday update might send a user to the BitLocker recovery screen

• 12 top contact center platforms of 2024

• Organizations Warned of Exploited Twilio Authy Vulnerability

• Meta Releases Open Source Llama 3.1 AI Model

• ShadowRoot Ransomware Attacking Organizations With Weaponized PDF Documents

• This Sony Bravia is my No. 1 most recommended TV right now – and it would be great to watch the Olympics

• The best self-cleaning litter boxes of 2024: Expert tested

• The best large tablets of 2024: Expert tested and reviewed

• Slack now offers four iPhone widgets – here’s how you can use them

• One of Samsung’s best TVs of all time is on sale and would be a great TV for the Olympics

• Mimecast Announces Acquisition of Code42, Expands Human Risk Management Platform with Visibility into Insider Threats

• Network of ghost GitHub accounts successfully distributes malware

• Indian Firm Linked to Fake DMCA Notices Silencing Journalists

• BlueStacks Emulator For Windows Flaw Exposes Millions Of Gamers To Attack

• Chinese Hackers Using Shared Framework To Create Multi-Platform Malware

• Beware Of Malicious Python Packages That Steal Users Sensitive Data

• 250 Million Hamster Kombat Players Targeted Via Android And Windows Malware

• BreachForumsV1 Database Leaked: Private messages, Emails & IP Exposed

• The best iPad keyboard cases of 2024: Expert tested and reviewed

• 7 password rules to live by in 2024, according to security experts

• The best digital notebooks you can buy in 2024: Expert tested and reviewed

• Risk & Repeat: Faulty CrowdStrike update causes global outage

• Two Vulnerabilities Discovered in LangChain GenAI Framework

• CISOs, CIOs Struggle with Data Protection Challenges in AI, Cloud Era

• Vanta raises $150 million accelerate its AI product innovation

• Crisis communication: What NOT to do

• Data pilfered from Pentagon IT supplier Leidos

• Cybersecurity Startup Protexxa Closes $10M Series A Round

• U.S. Government Escalates Sanctions to Combat Rising Cybersecurity Threats

• CrowdStrike Shares How a Rapid Response Content Update Caused Global Outage

• Google Chrome 127 Released with a fix for 24 Security Vulnerabilities

• Check Point Research Reveals Q2 2024 Brand Phishing Trends: Microsoft Tops List While New Entries Signal Shifting Threat Landscape

• 3 ways Meta’s Llama 3.1 is an advance for Gen AI

• Credit Karma unveils updated AI tools to help you better understand your finances

• Philippines to End Online Casinos, Maybe Scams Too

• Malware Campaigns Target Hamster Kombat Players

• Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches

• CrowdStrike Admits it Doesn’t ‘Canary’ Test all Updates

• Optimizing Security Operations with DirectDefense

• Russia-Linked Brute-Force Campaign Targets EU via Microsoft Infrastructure

• DeFi Crypto Exchange dYdX v3 Website Hacked in DNS Hijacking Attack

• How the Newest Tech Changes Cybersecurity Needs in the Legal Industry

• Microsoft Account Security Alert Email: Recognize the Scam

• CrowdStrike blames buggy testing software for disastrous update

• Wiz Rejects $23 Billion Acquisition Bid From Google – Report

• The best electric screwdrivers of 2024: Expert tested and reviewed

• A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub

• Dazz snaps up $50M for AI-based, automated cloud security remediation

• How a Trust Center Solves Your Security Questionnaire Problem

• Researchers Detail on How Defenders Eliminate Detection Gaps in AWS Environments

• Report: HHS Needs to Beef up Cloud Security and Skills

• Fake CrowdStrike Repair Manual Pushes New Infostealer Malware

• CrowdStrike Explains Why Bad Update Was Not Properly Tested

• Coalfire announces Cyber Security On-Demand portfolio

• Extracting Value from Your Investment in AI

• Microsoft Blames 2009 EU Agreement For World’s Biggest IT Outage

• Windows SmartScreen Flaw Enabling Data Theft in Major Stealer Attack

• The Hidden Menace of Phantom Attackers on GitHub by Stargazers Ghost Network

• Private Internet Access (PIA) vs NordVPN: Which VPN Is Better?

• This Machine Exposes Privacy Violations

• China-linked APT group uses new Macma macOS backdoor version

• Chinese Espionage Group Upgrades Malware Arsenal to Target All Major Operating Systems

• Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool

• How to Reduce SaaS Spend and Risk Without Impacting Productivity

• Accelerating Analysis When It Matters

• 10 Ways AI Can Help Organizations Tackle Cyberattacks

• Drone Usage Policy

• Alphabet’s Reported $23B Bet on Wiz Fizzles Out

• Critical Exim Vulnerability Threatens Millions of Email Servers

• North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker

• Cybersecurity News: Wiz deal crumbles, CrowdStrike aftermath, dYdX exchange hack

• A (somewhat) complete timeline of Talos’ history

• The Power and Peril of RMM Tools

• Infostealer Campaign Exploits Microsoft Windows SmartScreen Flaw to Spread Payloads

• Craxel Black Forest Reaper boosts cyber defense for organizations

• British politicians show exactly what NOT to do online

• Possible APT28-linked Hackers Target Ukraine’s Scientific Institutions

• Permit Share-If enables developers to implement secure collaboration features into their apps

• CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices

• Pentagon IT Service Provider Hacked: U.S. Government Secrets Exposed

• The Dual Impact of AI on Power Grids: Efficiency and Vulnerability

• Chinese ‘Cybercrime Syndicate’ Behind Gambling Sites Advertised at European Sporting Events

• Google Abandons Plan to Drop Third-Party Cookies in Chrome

• School gets an F for using facial recognition on kids in canteen

• Cyber Insurance Market Evolves as Threat Landscape Changes

• Emulating and Detecting Scattered Spider-like Attacks

• SocGholish: Fake update puts visitors at risk

• Verizon to Pay $16 Million in TracFone Data Breach Settlement

• Why SPRS Matters and 4 Steps to Improve Your Security Posture

• GitGuardian’s tool helps companies discover developer leaks on GitHub

• Google Criticized for Abandoning Cookie Phase-Out

• The Value in Root Cause Analysis for Vulnerability Management

• BreachForums v1 database leak is an OPSEC test for hackers

• Spanish Police Arrest Three Suspects Linked to Pro-Moscow NoName057(16) Hackers

• “Mouse Logger” Malicious Python Script, (Wed, Jul 24th)

• CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List

• Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers

• Forget security – Google’s reCAPTCHA v2 is exploiting users for profit

• Ransomware attack shuts down Superior Court of Los Angeles County

• How a business can attain Cyber Resilience in digital era

• CrowdStrike CEO is summoned before the Homeland Security committee. Cyber Security Today for Wednesday, July 24, 2023

• Chinese Hackers Target Taiwan and U.S. NGO with MgBot and MACMA Malware

• CrowdStrike blames a test software bug for that giant global mess it made

• Security biz KnowBe4 hired fake North Korean techie, who got straight to work … on evil

• Cybersecurity ROI: Top metrics and KPIs

• Cybersecurity jobs available right now: July 24, 2024

• Infisical: Open-source secret management platform

• AI accelerates code development faster than security teams can keep up

• Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed

• ISC Stormcast For Wednesday, July 24th, 2024 https://isc.sans.edu/podcastdetail/9066, (Wed, Jul 24th)

• Philippines wipes out its legit online gambling industry to take down scammers

• AI arms race escalates: OpenAI offers free GPT-4o Mini fine-tuning to counter Meta’s Llama 3.1 release

• How did a CrowdStrike config file crash millions of Windows computers? We take a closer look at the code

• How Disney and Marvel designed a Vision Pro multiverse with you as its hero

• FrostyGoop ICS malware targets Ukraine

• Vendor Risk Management from the Inside Out

• Eclypsium @ Black Hat

• Eclypsium for Data Centers

• IT Security News Daily Summary 2024-07-23

• Yann LeCun says Meta AI ‘quickly becoming most used’ assistant, challenging OpenAI’s dominance

• How Pearson’s AI assistant can help teachers save time

• Intro: How to use BlackArch Linux for pen testing

• Get a Microsoft Visual Studio Pro license for 90% off

• The best 50-inch TVs of 2024: Expert recommended

• Buy a one-year subscription to Microsoft 365 for $45 right now

• The best sleep trackers of 2024: Expert tested and reviewed

• Cisco and social justice: A commitment with deep roots and a bold future

• How did a CrowdStrike config file crash millions of Windows computers? We take a closer look

• The Ninja Creami Ice Cream Maker is still $32 off after Prime Day

• Microsoft Copilot vs. Copilot Pro: Is the subscription fee worth it?

• The best robot mops for 2024: Expert tested and reviewed

• Buy Microsoft Office 2021 for Windows for $60

• The best rugged phones of 2024: Expert tested and reviewed

• You can still buy an iPhone 15 for one cent after Prime Day – here’s how the deal works

• Phish-Friendly Domain Registry “.top” Put on Notice

• Empower Your Developers with Software Supply Chain Security

• Deep Sea Phishing Pt. 1

• What You Need to Know About SEC Compliance Requirements

• MFA Failures and Surging Ransomware Losses: What’s Going On?

• The best robot mowers of 2024: Expert tested and reviewed

• Motorola’s $399 Razr is the cheapest foldable phone deal right now (and it’s surprisingly good)

• Samsung Galaxy Z Fold 6 vs. OnePlus Open: I’ve tested both and the winner is not so obvious

• The best robot vacuums for pet hair of 2024: Expert tested and reviewed

• Become a Sam’s Club member for $25 – that’s 50% off

• I replaced my Samsung Galaxy S24 Ultra with the Z Fold 6 for a week – and can’t go back

• The best Roborock vacuums of 2024: Expert tested and reviewed

• Mass layoffs and data breaches could be connected

• Canadian Startup Protexxa Attracts $10 Million Series A Financing

• OpenAI shares safety updates after whistleblower complaints, lawmaker demands

• Change this Android setting to instantly give your phone twice the speed

• The best robot vacuum mops of 2024: Expert tested and reviewed

• QR Codes: Convenience or Cyberthreat?

• Play Ransomware Variant Targeting Linux ESXi Environments

• Copilot Pro vs. ChatGPT Plus: Which AI chatbot is worth your $20 a month?

• The best iPhone power banks of 2024: Expert tested and reviewed

• Linux Mint 22 is official! Here’s what’s new and how to try it for yourself

• This stereo amp made me feel like I was hearing my favorite songs for the first time

• Meta inches toward open source AI with new LLaMA 3.1

• Hackers abused swap files in e-skimming attacks on Magento sites

• Protecting AI systems from cyber threats

• Administrators have update lessons to learn from the CrowdStrike outage

• IRS Warns Car Dealers of New Phishing and Smishing Threats

• Whose Voice Is It Anyway? AI-Powered Voice Spoofing for Next-Gen Vishing Attacks

• Why NDR is Key to Cyber ‘Pest Control’

• Amazon revamps Prime Video to help you navigate your content and subscriptions

• Leaked Google TV Streamer photos show a device nothing like the Chromecast

• The best NAS devices of 2024: Expert tested

• The best power banks of 2024: Expert tested

• Cyber Security Public-Private Partnerships Are Taking Off in APAC

• Introducing Identity Continuity™: Uninterrupted access and security in an always-on world

• Strata Identity Announces General Availability of Identity Continuity for Zero Application Downtime During IDP Outages

• AppViewX AVX ONE CLM – Managing Java TrustStore with Google Cloud Platform

• H1 SCA Roundup – Defending Users Against Constantly Evolving Cyber Threats

• EFF Angry as Google Keeps 3rd-Party Cookies in Chrome

• New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273), (Tue, Jul 23rd)

• Statement from CISA Director Easterly on Leadership Changes at CISA

• Play Ransomware targets VMware ESXi Servers

• Strengthening Cybersecurity in Healthcare

• Italy Investigates Google for Unfair Practices in Obtaining User Consent for Ad Profiling

• Google admits it can’t quite quit third-party cookies

• CISA Releases Four Industrial Control Systems Advisories

• National Instruments IO Trace

• National Instruments LabVIEW

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• Hitachi Energy AFS/AFR Series Products

• Imperva Customers Protected Against Critical ServiceNow Vulnerability

• Heimdal Integrates with Autotask PSA to Elevate MSP Operations and Drive Market Expansion

• How Cyber Risks Have Become Business Risks

• Cybercrooks spell trouble with typosquatting domains amid CrowdStrike crisis

• Google Will Keep Third-Party Cookies in Chrome

• Pro-Houthi Group Deploys Android Spyware to Target Yemeni Humanitarian Orgs

• How an IT Team Used Windows 3.1 to Mitigate a Massive CrowdStrike Outage

• Sensitive Health Data of 12.9 Million Individuals Stolen in Cyberattack

• iRobot just launched the most feature-packed Roomba ever – and it costs less than you think

• Microsoft scraps Copilot Pro GPT Builder and removes all user data

• Alphabet’s reported $23B bet on Wiz fizzles out

• LOKKER introduces web privacy risk summary for insurers

• Russia Shifts Cyber Focus to Battlefield Intelligence in Ukraine

• Chinese Espionage Group Upgrades Malware Arsenal to Target All Major OS

• How To Manage Alert Overload and Build the Skills of Your Security Team

• Study: TikTok Lite is a ‘safety hazard’ for millions of users around the world

• Standalone Service Mesh Solution or Lightweight Option: Which is Right for You?

• Mexico’s Largest ERP Provider ClickBalance Exposes 769 Million Records

• The best AI image generators of 2024: Tested and reviewed

• Ketch No-Code Rights Automation empowers non-technical teams to manage DSR requests

• Strata Identity Continuity prevents mission-critical applications from going offline

• Why MSSPs Should Transition from Fear-Based Sales Strategies to a Value-Centric Approach

• Switzerland now requires all government software to be open source

• SCW Trust Agent measures developers’ security competencies for code commits

• Chinese Hackers Target Taiwan and US NGO with MgBot Malware

• Hackers Abusing Google Cloud For Phishing

• Beware Of Dating Apps Exposing Your Personal And Location Details To Cyber Criminals

• Google backpedals on plan to eliminate third-party cookies in Chrome

• User Protection Suite Secures Against Talos Top Ransomware Attack Trends

• Striking a Chord Between My Passions and Career at Cisco

• Wiz Walks Away From $23 Billion Google Bid

• Supply Chain Cyberattacks are on the Rise – Here’s How U.S. Businesses can Fortify Their Defenses

• Shadow IT: The Unavoidable Reality and How To Embrace It Safely

• Security Challenges in AI-Powered Applications

• 5 Reasons IGA Programs Fail

• CrowdStrike Speeding Up Remediation of Systems Hit by Blue Screen of Death

• Navigating the Cyber Landscape: Understanding Threat Intelligence

• Popular Ukrainian Telegram Channels Hacked to Spread Russian Propaganda

• New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure

• Price Drop: Get on CompTIA Certification Track With These $25 Study Guides

• Bitwarden vs Dashlane (2024): Which Password Manager Is Best?

• WPA2 vs. WPA3

• 2017 ODNI Memo on Kaspersky Labs

• CISOs and CIOs confront growing data protection challenges in the era of AI and cloud

• The changes in the cyber threat landscape in the last 12 months

• Privilege escalation: unravelling a novel cyber-attack technique

• Enhancing the cybersecurity talent pool is key to securing our digital future

• FrostyGoop Malware Used to Shut down Heat in Ukraine Attack

• Two Russian Nationals Charged for Cyber Attacks against U.S. Critical Infrastructure

• Law Enforcement Disrupts DDoS-for-Hire Service DigitalStress

• Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware

• Meta Given Deadline to Address E.U. Concerns Over ‘Pay or Consent’ Model

• Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files

• How to Securely Onboard New Employees Without Sharing Temporary Passwords

• Everyone Has a Zero-Trust Plan Until They Get Punched in the Face

• Vulnerabilities in LangChain Gen AI

• Hiring Kit: Security Architect

• How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter

• 1-15 April 2024 Cyber Attacks Timeline

• Ransomware Takedowns Leave Criminals Scrambling for Stability

• Cybersecurity News: CrowdStrike update, Russian criminals sanctioned, ransomware shuts down courts

• Nvidia Said To Develop ‘Blackwell’ AI Chip For China

• Xiaomi Entered EV Market ‘Due To US Sanctions’

• Double-Digit Growth For Google Expected Amidst AI Push

• US Cracks Down On Tech Shipments To Russia

• Wisk Plans Autonomous Air Taxi Flights By Decade’s End

• Securing Diverse Environments: Security Configuration Management

• The Importance of Ethics in Cybersecurity

• Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android

• UK: NCA Infiltrates DDoS-for-Hire Site as Suspected Controller Arrested in Northern Ireland

• Vulnerability in Telegram app for Android allows sending malicious files disguised as videos

• How to Enhance Your System’s Security with Master Data Governance

• Dragos: New ICS malware FrostyGoop abuses Modbus

• Hackers shut down heating in Ukrainian city with malware, researchers say

• US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

• Securing AI around the world

• Global Outage: What Went Wrong with Microsoft?

• Rezonate Streamlines Identity Security Across IT Environments

• Gcore raises $60 million to drive AI innovation

• Prolific DDoS Marketplace Shut Down by UK Law Enforcement

• Threat Actors Taking Advantage of CrowdStrike BSOD Bug to Deliver Malware

• Wiz to Pursue IPO as It Walks Away From $23 Billion Google Deal

• Solving the 7777 Botnet enigma: A cybersecurity quest

• NCA Shut’s Down the Most Popular “digitalstress” DDoS-for-hire Service

• From Smartphones to State Security: The Reach of China’s New Surveillance Laws

• 4 Ways BYOI and Social Login Enhance User Experience

• Play Ransomware’s Linux Variant Attacking VMware ESXi Servers

• Major Cyber Threats lurking at Paris Olympic Games 2024

• In Response to the Microsoft-CrowdStrike Incident: July 2024

• 5 Ways Generative AI is Revolutionizing Cybersecurity Defense

• The CISO’s approach to AI: Balancing transformation with trust

• Google Abandons Plan to Phase Out Third-Party Cookies in Chrome

• 10 fintech companies to watch in 2024

• Wiz walks away from Google’s $23B acquisition offer: Read the CEO’s note to employees

• Despite economic uncertainty, organizations are prioritizing SaaS security investments

• Confidential AI: Enabling secure processing of sensitive data

• Firmware, Supply Chain, and Frameworks – NIST SP 800-53

• ISC Stormcast For Tuesday, July 23rd, 2024 https://isc.sans.edu/podcastdetail/9064, (Tue, Jul 23rd)

• Google’s plan to drop third-party cookies in Chrome crumbles

• EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos

• Fight for global AI lead may boil down to governance

• This Firefox extension is a must-have tool for YouTube super users

• I changed these 5 TV settings to lower my electric bill. Here’s why they work

• How ‘bubbling’ Android messages can simplify your text life

• IT Security News Daily Summary 2024-07-22

• Microsoft Releases Tool to Fix CrowdStrike-Caused Windows Chaos

• Apple accelerates AI efforts: Here’s what its new models can do

• New Microsoft Recovery Tool for CrowdStrike Issue on Windows Endpoints

• Buy Microsoft Office for Windows or Mac for $25 right now

• NCSWIC Planning Training, and Exercise Committee releases the Human Factors Resource Guide

• Can’t hear TV dialogue? 3 fixes to dramatically improve your television’s audio – and 2 are free

• The best rechargeable batteries of 2024

• Global cops power down world’s ‘most prolific’ DDoS dealership

• The best satellite phones of 2024: Expert tested and reviewed

• Get a Babbel subscription for 76% off right now

• What is exposure management?

• Vulnerability Recap 7/22/24 – CrowdStrike Issue Is One of Many

• Supreme Court Dodges Key Question in Murthy v. Missouri and Dismisses Case for Failing to Connect The Government’s Communication to Specific Platform Moderation

• The First 10 Days of a vCISOs Journey with a New Client

• Multiple Vulnerabilities Found In XenForo Internet Forum Solution

• Save 33% with a free Xbox Game Pass: Don’t miss this Fire TV Stick bundle post-Prime Day sale

• One of the best productivity laptops I’ve tested is not made by Lenovo or Apple

• The best M.2 SSDs of 2024: Expert tested and reviewed

• CrowdStrike’s Faulty Update Triggers Global Microsoft Outage

• Daniel Stori’s ‘Blue Screen of Death’

• ShapeUp at Flare: A Game-Changer for Project Management

• USENIX Security ’23 – High Recovery With Fewer Injections: Practical Binary Volumetric Injection Attacks Against Dynamic Searchable Encryption

• Complex Technology Stack Supports Sprawling Chinese Crime Operation

• SPF, DKIM, DMARC Setup Guide for Google Workspace

• Want to try GPT-4o mini? 3 ways to access the smarter, cheaper AI model – and 2 are free

• Sign up for a Costco membership and get a $40 gift card for free. Here’s how

• The best microSD cards of 2024: Expert tested

• Upgrade to Windows 11 Pro for $40 right now

• Samsung Messages is getting bumped for Google’s app. Here’s how to prepare

• The best laptops of 2024 under $1,000: Expert tested and reviewed

• Linx Security Raises $33M to Tackle Digital Identity Threats

• CodeSecDays 2024: A Deep Dive in Software Supply Chain Security

• Telegram Android Vulnerability “EvilVideo” Sends Malware as Videos

• The best laptop cooling pads of 2024: Expert tested

• How to stop spam texts on your iPhone in 3 easy steps

• How to watch the 2024 Summer Olympics without cable

• How to use the AWS Secrets Manager Agent

• Snag this 85-inch TCL TV for just $1,000 after Prime Day

• The Samsung TV most people should buy isn’t even the latest, and it’s $1,300 off after Prime Day

• Every iPhone model that can be updated to Apple’s iOS 18 (and which ones can’t)

• Cisco Decipher: Enhancing US Public Sector Cybersecurity Knowledge

• LA County Superior Court closes doors to reboot justice after ransomware attack

• 10,000 WordPress Sites Affected by High Severity Vulnerabilities in BookingPress WordPress Plugin

• NHS Delays Continue After Windows Outage

• Chinese Vigorish Viper Exploits DNS and Football Sponsorships for Illegal Gambling

• Empowering Developers in Code Security

• One of the best QLED TVs I’ve tested is still $400 off even after Prime Day

• Why don’t more people use desktop Linux? I have a theory you might not like

• CrowdStrike’s fallout, Harris’s stance on tech and Yandex’s rise from the ashes

• Cybercrooks crafting solo careers in wake of ransomware takedowns

• Quantum Navigation as the Successor to GPS

• Massive Cyber Attack Hits MediSecure, Impacting Millions of Australians

• WazirX Responds to Major Cyberattack with Trading Halt and Bounty Program

• Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Industry

• I tested MSI’s $4,000 laptop for work, and it’s the MacBook Pro’s biggest competition

• Why Privacy Badger Opts You Out of Google’s “Privacy Sandbox”

• Play Ransomware Expands to Target VMWare ESXi Environments

• Indian PM Narender Modi asks to Log Off of each Microsoft Windows Sessions

• CrowdStrike Says ‘Significant Number’ Of Systems Back Online

• I improved my iPhone’s battery life by changing these 10 settings

• TechCrunch Minute: What caused last week’s major tech outage?

• Safety Equipment Giant Cadre Holdings Hit by Cyberattack

• What I learned from the ‘Microsoft global IT outage’

• Forget Windows 11: Nobara Linux is the OS for everyone

• Google plans mass crackdown on Android apps that don’t meet these new standards

• Explaining the largest IT outage in history and what’s next

• Scammers Rush In to Exploit CrowdStrike Chaos

• Ransomware Groups Fragment Amid Rising Cybercrime Threats

• Heritage Foundation data breach containing personal data is available online

• CrowdStrike caused Windows outage chaos for airports, banks, and more. Here’s what happened

• Electrifying Jackery deals extended by 48 hours! Power station prices slashed by up to 50%!

• Get a Lifetime Subscription of FastestVPN for just $40

• Where to place a firewall in an enterprise network

• US Sanctions Russian Hacktivists for Targeting Critical Infrastructure

• Beyond Your Mess for Less: How Managed Services can Provide Sustainable Solutions for Organizational Cybersecurity

• How to Prepare Your Workforce for the Deepfake Era

• Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking

• Microsoft releases a CrowdStrike recovery tool – here’s how it works

• Oracle coughs up $115M to make privacy case go away

• CISA Alert Calls Out Operating System Vulnerabilities

• Ransomware Attack Shuts Down LA County Courts, Halts Inmate Transfers, Evictions

• SonicOS IPSec VPN Vulnerability Let Attackers Cause Dos Condition

• Microsoft releases CrowdStrike recovery tool – here’s how it works

• Vulnerability Summary for the Week of July 15, 2024

• CrowdStrike: The Monday After, (Mon, Jul 22nd)

• Hackers Registered 500k+ Domains Using Algorithms For Extensive Cyber Attack

• Who needs ransomware when a faulty software update can shut down critical infrastructure?

• Linx emerges from stealth with $33M to lock down the new security perimeter: Identity

• EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft

• Heeler Security raises $8.5 million to boost application security

• PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing

• India’s Largest Cryptocurrency Exchange WazirX Hacked: $234.9 Million Stolen

• Pioneering the New Frontier in AI Consumer Protection and Cyber Defense

• Two Russians sanctioned over cyberattacks on US critical infrastructure

• Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

• CrowdStrike: Key Perspectives on the IT Outage

• Hackers Claim Breach of Daikin: 40 GB of Confidential Data Exposed

• What caused the great CrowdStrike-Windows meltdown of 2024? History has the answer

• SocGholish malware used to spread AsyncRAT malware

• Application Security Startup Heeler Raises $8.5 Million in Seed Funding

• MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting

• How to Set up an Automated SMS Analysis Service with AI in Tines

• Emojis Are To Express Emotions, But CyberCriminals For Attacks

• The Pentagon Wants to Spend $141 Billion on a Doomsday Machine

• Snake Mimics a Spider

• The time is NOW to Support Passkeys for Your Customer Authentication!

• Beware Of Fake Browser Updates That Installs Malicious BOINC Infrastructre

• Surfshark vs CyberGhost (2024): Which VPN Is Better?

• Fake Grand Theft Auto VI Beta Download Spreads Malware

• CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

• Industry Moves for the week of July 22, 2024 – SecurityWeek

• California Officials Say Largest Trial Court in US Victim of Ransomware Attack

• VW Chief Discusses Free Trade With China Officials

• Data Breach Increases by Over 1,000% Annually

• Russian Nationals Plead Guilty to Participating in the LockBit Ransomware Group

• Securing the Grid: How Ransomware is Targeting Energy and Oil Sectors

• Join CISO Series Podcast LIVE in Seattle (08-21-24)

• From RA Group to RA World: Evolution of a Ransomware Group

• Tesla Production Lines ‘Shut Down’ By Global IT Outage

• Nigeria Fines Meta $220m Over Privacy Infringements

• Editorial: CrowdStrike Outage: Is Our IT Too Fragile?

• Cybercriminals Exploit CrowdStrike Outage Chaos

• Cybersecurity News: CrowdStrike hits Cloud PCs, criminals exploit CrowdStrike fix, CISA rebuked

• UK Arrests Suspected Scattered Spider Hacker Linked to MGM Attack

• 5 Phased Approach to Vulnerability Management: Best Practices

• MitM Attacks: Understanding the Risks and Prevention Strategies

• Attackers Abuse Swap File to Steal Credit Cards

• The Human Adaptability Gap and How to Close It

• Pro-Russia Hacktivists Target Olympic Games

• Oracle To Pay $115m In Privacy Lawsuit Settlement

• US Sanctions Russian Hackers Over Infrastructure Attacks

• US Sanctions Two Members of Russian ‘Cyber Army’ Hacktivist Group

• Analyzing Container Escape Techniques in Cloud Environments

• Two Russians Convicted for Role in LockBit Attacks

• Can I create and amend a PDF file on an iPhone for free?

• UK Police Arrested 17-year-old Boy Responsible for MGM Resorts Hack

• UK police arrested a 17-year-old linked to the Scattered Spider gang

• Fake CrowdStrike Fixes Target Companies With Malware, Data Wipers

• Experts Expect Ransomware Surge After Police Disruption

• A week in security (July 15 – July 21)

• SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

• Our Shared Responsibility: Africa’s Cybersecurity Imperative

• CISA Says Malicious Hackers are ‘Taking Advantage’ of CrowdStrike Outage

• China Claims Volt Typhoon was a False Flag Inside Job Conspiracy

• Worst Cyber Event in History: CrowdStrike Update Causes Global Chaos. Cyber Security Today Special Edition for Monday, July 22, 2024

• Microsoft 2024 Windows IT meltdown impacts about 8.5 million devices

• How to Negotiate Ransomware Attacks: A Strategic Guide

• Media Briefing: EFF, Partners Warn UN Member States Are Poised to Approve Dangerous International Surveillance Treaty

• New Linux Variant of Play Ransomware Targeting VMware ESXi Systems

• Media Briefing: EFF, Partners Warn UN Member States are Poised to Approve Dangerous International Surveillance Treaty

• Cross-industry standards for data provenance in AI

• New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems

• CIA AI director Lakshmi Raman claims the agency is taking a ‘thoughtful approach’ to AI

• Cellebrite got into Trump shooter’s Samsung device in just 40 minutes

• Cyber insurance 2.0: The systemic changes required for future security

• Shuffle Automation: Open-source security automation platform

• Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

• ISC Stormcast For Monday, July 22nd, 2024 https://isc.sans.edu/podcastdetail/9062, (Mon, Jul 22nd)

• CrowdStrike’s Falcon Sensor also linked to Linux kernel panics and crashes

• Fake Hot Fix for CrowdStrike ”crowdstrike-hotfix.zip” Spreads Remcos RAT

• IT Security News Weekly Summary – Week 29

• IT Security News Daily Summary 2024-07-21

• Global IT Outage Disrupts Airlines, Hospitals, and Financial Institutions

• The Vital Role of Ethical Hacking in Cyber Security

• Government Shuts Down Two Telemarketing Giants for 5.5 Million Fraudulent Calls

• Global Outage Caused by Anti-Virus Update from Crowdstrike

• Recent IT Meltdown: CrowdStrike Update Causes Global Chaos, Predicted Hours Earlier on Reddit

• USENIX Security ’23 – How Fast Do You Heal? A Taxonomy For Post-Compromise Security In Secure-Channel Establishment

• Get a one-year subscription to Microsoft 365 for $45 right now: Last chance

• Last chance to get a Microsoft Visual Studio Pro license for 92% off

• Security Affairs Malware Newsletter – Round 3

• Beware Grand Theft Auto Fans! Fake GTA VI Beta Download Spreads Malware

• Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool

• The Critique of Pure Reason: Understanding Cyber Security Epistemology Through Kantian Philosophy

• Security Affairs newsletter Round 481 by Pierluigi Paganini – INTERNATIONAL EDITION

• Digital Identities Have Evolved — Cyber Strategies Should Too

• Get Microsoft Office 2021 for Windows for $40: Last chance on the lowest price of the year

• On Entrust? Imperva has your back!

• Buy Microsoft Project Pro or Microsoft Visio Pro for $20 right now: Last chance

• Finally, a rugged Android phone that doesn’t look like a brick (and won’t break the bank)

• U.S. CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog

• Want to be an IT pro? Here are 4 ways to look like a great job candidate

• Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw

Generated on 2024-07-28 23:58:23.754973