IT Security News Weekly Summary – Week 34

• IT Security News Daily Summary 2024-08-25

• Traderie – 364,898 breached accounts

• North Korea Exploited Windows Zero-Day Vulnerability to Install Fudmodule

• The Port of Seattle and Sea-Tac Airport say they’ve been hit by ‘possible cyberattack’

• Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says

• Worried About Cash App Breach? These Three Steps Can Keep Your Financial Data Safe

• 16 Years of Cybercrime: The Story of Greasy Opal’s CAPTCHA Solver

• New Styx Stealer Malware Targets Browsers and Instant Messaging for Data Theft

• Sheltering From the Cyberattack Storm – Part Two

• Beyond CVSS: Advanced Vulnerability Prioritization Strategies for Modern Threats

• Dell Power Manager Privilege Escalation Vulnerability

• Progress WhatsUp Gold Vulnerabilities Let Attackers Inject SQL Commands

• Chrome Zero-day Vulnerability Actively Exploited in the Wild

• SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 8

• France police arrested Telegram CEO Pavel Durov

• U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

• Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION

• Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited

• New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules

• Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

• Telegram Founder Pavel Durov Reportedly Arrested in France

• IT Security News Daily Summary 2024-08-24

• USENIX Security ’23 – TRust: A Compilation Framework For In-Process Isolation To Protect Safe Rust Against Untrusted Code

• Living with trust issues: The human side of zero trust architecture

• Hackers can take over Ecovacs home robots to spy on their owners

• PWA phishing on Android and iOS – Week in security with Tony Anscombe

• Misconfigured Access Controls in NetSuite Stores Cause Major Data Breach

• Cybercriminals Place 85-Year-Old Woman Under ‘Digital Arrest’ in Hyderabad, Cheat Her of ₹5.9 Crore

• Oil Giant Halliburton Hit by Cyberattack, Certain Systems Affected

• Cyble Research Reveals Near-Daily Surge in Supply Chain Attacks

• Unicoin’s Four-Day Cyberattack: Disruption, Recovery, and Ongoing Investigation

• The Limitations of Traditional Network-Based Vulnerability Scanning – And the Systematic Underestimation of Software Risks

• Cybersecurity Strategy: Understanding the Benefits of Continuous Threat Exposure Management

• Data Security Posture Management (DSPM) is an Important First Step in Deploying Gen AI and Copilot Tools

• Iranian Threat Actor TA453 Targets Jewish Figure with Fake Podcast Invite in Malicious Campaign

• Massive Data Breach Worsens as New Details Emerge Across US, UK, and Canada

• Protecting Your Wallet: Understanding NGate Android Malware

• Strategizing Compliance and Security In AI: A Hands-On Guide for IT Leaders

• Qilin Ransomware Upgrades and Now Steals Google Chrome Credentials

• The US Navy Has Run Out of Pants

• NSA Issues Guidance for Better Logging, Threat Detection to Prevent LotL Incidents

• CISA Adds Dahua IP Camera, Linux Kernel, and Microsoft Exchange Server Bugs to its KEV Catalog

• Greasy Opal’s CAPTCHA Solver Still Serving Cybercrime After 16 Years

• August 2024 Web Server Survey

• Slack Patches AI Bug That Exposed Private Channels

• Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities

• PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads

• Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp

• CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

• China-linked APT Velvet Ant Exploited Zero-Day to Compromise Cisco Nexus Switches

• Russian national arrested in Argentina for laundering money of crooks and Lazarus APT

• Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk

• Hackers Now Use AppDomain Injection to Drop Cobalt Strike Beacons

• Cyber Security Today Week In Review: Saturday, August 24th, 2024

• Scammers are increasingly using messaging and social media apps to attack

• CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

• Qilin ransomware steals credentials stored in Google Chrome

• Enhancing School Safety with Cloud Monitor: A Powerful Cyber Safety Protection Tool

• IT Security News Daily Summary 2024-08-23

• Friday Squid Blogging: Self-Healing Materials from Squid Teeth

• Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC)

• # OffSec 500 – Community Update 1

• Innovator Spotlight: ArmorCode

• Audit: FBI is Losing Track of Storage Devices Holding Sensitive Data

• Identities Aren’t for Sale: TSA Biometrics Technology and the Need for Consumer Consent

• Fake funeral “live stream” scams target grieving users on Facebook

• CrowdStrike 2024 report exposes North Korea’s covert workforce in U.S. tech firms

• Phishing attacks target mobile users via progressive web applications (PWA)

• NGate Android Malware Relays NFC Traffic to Steal Credit Card Data

• Florida Medical Lab Data Breach Exposes 300,000 Individuals’ Sensitive Information

• AI Revolutionizing Accounting: Experts Urge Accountants to Embrace Technology for Future Success

• Google Assures Privacy with Gemini AI: No Data Sharing with Third Parties

• Learn with Region 8’s Webinar Program

• Halliburton shuts down systems after cyberattack

• Member of cybercrime group Karakurt charged in the US

• Toward a code-breaking quantum computer

• Pig Butchering at Heart of Bank Failure — CEO Gets 24 Years in Jail

• Pool Your Cybersecurity Resources to Build the Perfect Security Ecosystem

• YouTube offers AI Chatbot assistance for hacked accounts

• The Role of Data Governance in Data Strategy: Part 3

• The best travel VPNs of 2024: Expert tested and reviewed

• The best VPN services for iPhone and iPad in 2024: Expert tested and reviewed

• How Immigration Can Solve America’s Cybersecurity Shortage

• SonicWall Issues Urgent Patch for Critical Firewall Vulnerability

• Qilin Ransomware Caught Stealing Credentials Stored in Google Chrome

• New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

• GM’s Cruise To Offer Robotaxis On Uber Platform

• The best VPN routers of 2024

• Myth-Busting Assurance: Device-Centric vs. Service-Centric and Why Both Are Key

• MoonPeak Malware From North Korean Actors Unveils New Details on Attacker Infrastructure

• Kanister Vulnerability Opens Door to Cluster-Level Privilege Escalation

• PG_MEM Malware Targets PostgreSQL Databases for Crypto Mining

• US sues Georgia Tech over alleged cybersecurity failings as a Pentagon contractor

• Ransomware Actors Extorted More Than $450 Million in First Half of 2024

• USDoD Hacker Behind $3 Billion SSN Leak Reveals Himself as Brazilian Citizen

• How Paris Olympic authorities battled cyberattacks, and won gold

• Local Networks Go Global When Domain Names Collide

• In Other News: FAA Improving Cyber Rules, Android Malware Enables ATM Withdrawals, Data Theft via Slack AI

• Mac Users Targeted by Hackers Through Microsoft App Security Flaw

• When Cybersecurity Fails: The Impact of the Microchip Technology Hack

• Body Of Mike Lynch’s Daughter Recovered, Amid Allegations Of Crew Mistakes

• The latest from Black Hat USA 2024

• Georgia Tech Sued Over Cybersecurity Violations

• Cyber-Informed Engineering – A New Perspective on OT Security

• Escape vs Rapid7

• Pandas Errors: What encoding are my logs in?, (Fri, Aug 23rd)

• Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform

• Firm That Sent Fake AI Robocalls Of Joe Biden Is To Pay $1m Fine

• New Phishing Campaign Targets US Government Organizations

• Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say

• Take a Selfie Using a NY Surveillance Camera

• Leveraging Ancient Tactics for Modern Malware

• Focus on What Matters Most: Exposure Management and Your Attack Surface

• Best SEO Experts to Follow on Twitter (X) in 2025

• Cybereason Unveils SDR Data Ramp Program: Analyse and Detect Threats in 1TB of Log Data for 90 Days

• Qilin Caught Red-Handed Stealing Credentials in Google Chrome

• Bling Libra’s Tactical Evolution: The Threat Actor Group Behind ShinyHunters Ransomware

• New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

• BlackSuit Ransomware Threat Actors Demand Up To $500 Million

• The Risks of Running an End Of Life OS – And How To Manage It

• Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)

• Cybersecurity News: Russia’s questionable DDoS, FAA’s cybersecurity proposal, Windows Recall reappears

• PoC Exploit Released for RCE 0-day CVE-2024-41992 in Arcadyan FMIMG51AX000J Model

• Publisher’s Spotlight: Checkmarx

• FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit

• YouTube Launches AI Tool to Recover Hacked Accounts

• When War Came to Their Country, They Built a Map

• New malware Cthulhu Stealer targets Apple macOS users

• Fraudulent Slack Ad Shows Malvertiser’s Patience and Skills

• Innovator Spotlight: DataBee™

• Publisher’s Spotlight: Horizon3.ai

• Innovator Spotlight: DataBee™

• New Opportunistic Campaign Exploit Log4j Vulnerability for Cryptomining and System Compromise

• China-linked APT Velvet Ant exploited zero-day to compromise Cisco switches

• The Evolving Landscape of Identity and Access Management in 2024

• Hardware Backdoor in Millions of Shanghai Fudan Microelectronics RFID Cards Allows Cloning

• SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw

• Drawbridge expands cyber risk assessment service

• Report Finds 50% of Organizations Experienced Major Breaches in the Past Year

• Critical GitHub Enterprise Server Flaw Patched, Admin Access at Risk

• Cybercriminals Exploit File Sharing Services to Advance Phishing Attacks

• Cyber Resilience Lacking, Organizations Overconfident

• Liverpool Fans Lose Big in Premier League Ticket Scams

• Popular search terms are leveraged in cyber attacks: Cyber Security Today for Friday, August 23, 2024

• Ransomware hits in these specific timings and steals data from Google Chrome

• Essential Topics to Study for a Career in Artificial Intelligence

• FIDO Alliance Releases Authenticate 2024 Agenda

• Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

• New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data

• Qilin Targets Chrome-Stored Credentials in “Troubling” New Attack

• Millions of Office and Hotel RFID Smart Cards Vulnerable to Instant Cloning Through Hidden Backdoor

• The changing dynamics of ransomware as law enforcement strikes

• Fraud tactics and the growing prevalence of AI scams

• Vulnerability prioritization is only the beginning

• Is your organisation at risk?

• Innovator Spotlight: Reach Security

• Innovator Spotlight: SecPod

• Uniting the brightest minds in security, network and cloud

• New infosec products of the week: August 23, 2024

• ISC Stormcast For Friday, August 23rd, 2024 https://isc.sans.edu/podcastdetail/9110, (Fri, Aug 23rd)

• Surveillance Watch

• A cyberattack hit US oil giant Halliburton

• How regulatory standards and cyber insurance inform each other

• SolarWinds left critical hardcoded credentials in its Web Help Desk product

• GuidePoint talks ransomware negotiations, payment bans

• USENIX Security ’23 – ZBCAN: A Zero-Byte CAN Defense System

• How Swimlane Can Help SOC Management

• IT Security News Daily Summary 2024-08-22

• Innovator Spotlight: Cigent

• Innovator Spotlight: ExtraHop

• Innovator Spotlight: Upwind

• Innovator Spotlight: Normalyze

• Innovator Spotlight: Harmonic Security

• Inside the CCNA v1.1 exam update: AI, machine learning, and more

• Innovator Spotlight: AppSOC

• Setting Up CORS and Integration on AWS API Gateway Using CloudFormation

• U.S. CISA adds Dahua IP Camera, Linux Kernel and Microsoft Exchange Server bugs to its Known Exploited Vulnerabilities catalog

• Report: Manufacturing Remains Atop Cyberattack Leader Board

• No, not every Social Security number in the U.S. was stolen

• Tesla Gigafactory Near Berlin Saw 500,000 Trees Felled – Report

• Microsoft Delays Recall Launch for Windows Insider Members Until October

• Cyber Security and IT Leadership: A Growing Threat to Australia’s Renewable Energy Efforts

• CrowdStrike exec refutes Action1 acquisition reports

• Are virtual machines safe for end users?

• SolarWinds fixed a hardcoded credential issue in Web Help Desk

• CrowdStrike deja vu as ‘performance issue’ leaves systems sluggish

• Oil Giant Halliburton Confirms Cyber Incident, Details Scarce

• Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

• Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

• OpenAI Scans for Honeypots. Artificially Malicious? Action Abuse?, (Thu, Aug 22nd)

• California Reaches Deal With Google Over Journalism Legislation

• Fur Affinity Website Hacked in DNS Hijacking Attack

• Ecovacs says it will fix bugs that can be abused to spy on robot owners

• Halliburton probes ‘an issue’ disrupting business ops

• China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches

• CISA Warns of Critical SolarWinds RCE Vulnerability Exploited in Attacks

• INE Security Launches Initiatives to Invest in the Education of Aspiring Cybersecurity Professionals

• Wordfence Intelligence Weekly WordPress Vulnerability Report (August 12, 2024 to August 18, 2024)

• Ransomware attack on Halliburton America

• Waymo Doubles Weekly Paid Robotaxi Trips Since May

• Protect Your Alerts: The Importance of Independent Incident Alert Management

• Hundreds of online stores hacked in new campaign

• I crashed my iPhone with these four characters so you don’t have to

• Incident Response by the Numbers

• Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware

• CNAPP and ASPM — Friends or Foes?

• Hackers Spread Disinformation to undermine Taiwan’s Military

• Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

• How Securing APIs Factors into DORA Compliance

• Google patches actively exploited zero-day in Chrome. Update now!

• How to avoid common mistakes when adopting AI

• Understanding the ‘Morphology’ of Ransomware: A Deeper Dive

• Lawsuits Pile Up Against Florida-Based Data Firm After Security Breach

• QNAP releases QTS 5.2 to prevent data loss from ransomware threats

• New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer

• Cthulhu Stealer Malware Targets macOS With Deceptive Tactics

• PEAKLIGHT: Decoding the Stealthy Memory-Only Malware

• FlightAware Confirmed Data Breach Happened Due To Configuration Error

• Hackers Distribute FakeBat Loader Via Fake Software Installers

• Unpatched Vulnerabilities In Microsoft macOS Apps Pose Significant Threat

• Dr Mike Lynch Confirmed Dead, As Search For Daughter Continues

• As Microsoft breaks awkward silence around its controversial Recall feature, privacy questions remain

• The Linux security team issues 60 CVEs a week, but don’t stress. Do this instead

• How frictionless authentication works in online payments

• Cookie Theft: What Is It & How to Prevent It

• Rockwell Automation Emulate3D

• MOBOTIX P3 and Mx6 Cameras

• Rockwell Automation 5015 – AENFTXT

• Post-quantum Cryptography in 2024

• When Compliance Fails: Eye-Opening Incidents in GRC You Need to Know

• How AI and Machine Learning Are Revolutionizing Cybersecurity

• Critical LiteSpeed Cache Plugin Flaw CVE-2024-28000 Sparks a Surge in Cyberattacks

• Costa Rican Authorities Issue Warning as Social Media Identity Theft Cases Double

• Navigating Without GPS: Quantum Breakthroughs and Their Impact

• Enzoic for Active Directory enhancements help teams identify and remediate unsafe credentials

• FAA Admits Gaps in Aircraft Cybersecurity Rules: New Regulation Proposed

• Enhancing Phishing and Malware Detection with ssdeep Fuzzy Hashing

• The Skills Gap Leaves Organizations Open to New Threats and Vulnerabilities

• Prism Infosec PULSE bridges the gap between penetration testing and red teaming

• Anomali announces expanded capabilities for Copilot

• Over 3400 High and Critical Cyber Alerts Recorded in First Half of 2024

• From Crisis to Catalyst: A CEO’s Lessons Learned from A Cybersecurity Incident

• Typing just four characters could crash your iPhone

• Low Media Literacy: A Risk to Australia’s Cybersecurity Landscape

• Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira

• Microsoft again ranked number one in modern endpoint security market share

• US Microchip Giant Hit by Cyberattack, Disrupting Operations

• The best free antivirus software of 2024: Expert tested

• Australian Digital ID: TEx System Poised to Boost Security By Sharing Less Data With Businesses

• Ransomware batters critical industries, but takedowns hint at relief

• How Multifactor Authentication (MFA) Can Reduce Your Cyber Attacks Risk?

• Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)

• Company Fined $1m for Fake Joe Biden AI Calls

• US Oilfield Firm Halliburton Hit By Cyberattack

• Wallarm API Attack Surface Management mitigates API leaks

• US Safety Probe Into GM’s Cruise Shut Down

• Transform Your CAD Workflow with Parametric Modeling

• Get Advanced Ad Blocking and Superior Data Privacy Tools for Just $11

• Entrepreneurs Must Be Value-Focussed, Tech-Positive, and People-Oriented

• Bridging the UK Skills Gap in the Tech Sector

• Ingress-NGINX Annotation Validation Bypass Flaw (CVE-2024-7646) Allows Command Injection

• This uni thought it would be a good idea to do a phishing test with a fake Ebola scare

• The Facts About Continuous Penetration Testing and Why It’s Important

• The Chiplet’s Path to Victory

• From The Ground Up – Addressing Core Inefficiencies in The UK Public Sector

• Memory corruption vulnerabilities in Suricata and FreeRDP

• Critical Flaw in LiteSpeed Cache Plugin Actively Exploited: Over 30,000 Attacks Blocked in 24 Hours

• Google Fixes Ninth Chrome Zero-Day Exploited in Attacks This Year

• Kick off early Octoberfest with an EUC-fest

• Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites

• Novel Android Malware Steals Card NFC Data For ATM Withdrawals

• Security Flaws in UK Political Party Donation Platforms Exposed

• What Triggers a CISO?

• Navigating the Challenges of AI in Software Development: A Call to Action to Comply with the EU AI Act

• The 8 Most Common Website Design Mistakes According to Pros

• MegaMedusa, RipperSec’s Public Web DDoS Attack Tool

• Securing the Future: FIPS 140-3 Validation and the DISA STIG for AlmaLinux OS

• Critical SLUBStick Exploitation Technique Threatens Linux Security

• Cybersecurity News: Japanese auto security, Feds tap encrypted messages, Microsoft breaks Linux dual-booting

• Google addressed the ninth actively exploited Chrome zero-day this year

• A cyberattack disrupted operations of US chipmaker Microchip Technology

• Android malware uses NFC to steal money at ATMs

• New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)

• Backdoor in Mifare Smart Cards Could Open Doors Around the World

• GitHub fixed a new critical flaw in the GitHub Enterprise Server

• The Surge of Identity and Access Management (IAM): Unveiling the Catalysts

• LibreOffice 24.8: More privacy, interoperability improvements

• How to recover deleted files on your Windows PC

• NCC Group: Ransomware down in June, July YoY

• Extortion Campaign Targets 110,000 Domains Using Exposed AWS Files

• Innovative Phishing Campaign Targets Mobile Users with PWAs

• Cisco calls for United Nations to revisit cyber crime Convention

• Google Cloud to offer enhanced security with Simplicity and Convergence

• 3 Cybersecurity Trends for 2025

• The Golden Age of Impersonation: The Dual Role of AI in Cyber Attacks & Cyber Defense

• GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

• Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

• Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

• Palo Alto Networks Shines Light on Application Services Security Challenge

• A survival guide for data privacy in the age of federal inaction

• New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

• WAF Cloud Authentication Issue Troubleshooting

• Why C-suite leaders are prime cyber targets

• Most ransomware attacks occur between 1 a.m. and 5 a.m.

• Foiling bot attacks with AI-powered telemetry

• The Great Cloud Security Debate: CSP vs. Third-Party Security Tools

• GenAI models are easily compromised

• ISC Stormcast For Thursday, August 22nd, 2024 https://isc.sans.edu/podcastdetail/9108, (Thu, Aug 22nd)

• Bangladeshi Hackers Deface India’s Zee Media Website for Mocking Floods

• You probably want to patch this critical GitHub Enterprise Server bug now

• Best Practices for Event Logging and Threat Detection

• How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack

• Fraudulent Slack ad shows malvertiser’s patience and skills

• Authentication and Authorization in Red Hat OpenShift and Microservices Architectures

• IT Security News Daily Summary 2024-08-21

• From Offices to Hotels: Backdoor in Contactless Key Cards Enables Mass Cloning

• My child had her data stolen—here’s how to protect your kids from identity theft

• Publisher’s Spotlight: Cyera

• What Gartner’s 2024 hype cycle forecast tells us about the future of AI (and other tech)

• Stadiums Are Embracing Face Recognition. Privacy Advocates Say They Should Stick to Sports

• Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio

• New PG_MEM Malware Targets PostgreSQL Databases to Mine Cryptocurrency

• An explanation of cybersecurity

• The ultimate contact center security checklist

• Geofence Warrants Are ‘Categorically’ Unconstitutional | EFFector 36.11

• Gartner Report: Implement a Continuous Threat Exposure Management (CTEM) Program

• Backdoor in RFID Cards for Offices, Hotels Can Lead to Instant Cloning

• CMA Drops Apple, Google App Store Investigations

• Ford Pulls Back On EV Spending

• Securing Federal Systems

• Typing these four characters could crash your iPhone

• North Korea-linked APT used a new RAT called MoonPeak

• Publisher’s Spotlight: Cranium

• What’s New in CodeSonar 8.2

• Randall Munroe’s XKCD ‘Ferris Wheels’

• The best identity theft protection and credit monitoring services of 2024

• CISA Adds Four Known Exploited Vulnerabilities to Catalog

• 110K domains targeted in ‘sophisticated’ AWS cloud extortion campaign

• Critical Authentication Flaw Haunts GitHub Enterprise Server

• Fintechs Encouraged to Join National Cyber Fraud Reporting System

• North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

• Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

• Telegram and WhatsApp suffer downtime in Russia due to DDoS

• Four Bodies Found In Yacht Wreck Amid Search For Mike Lynch

• More than 3 in 4 Tech Leaders Worry About SaaS Security Threats, New Survey Reveals

• AI in OT Security — Balancing Industrial Innovation and Cyber Risk

• Cyberattack Disrupts Microchip Technology’s Activity

• How Should Your MSP Deal With the ‘Small Client Problem’?

• Critical LiteSpeed Cache Plugin Flaw Exposes WordPress Sites

• New MoonPeak RAT Linked to North Korean Threat Group UAT-5394

• Shaping the legacy of partnership between government and private sector globally: JCDC

• The US Government Wants You—Yes, You—to Hunt Down Generative AI Flaws

• Translating Cybersecurity Jargon into Business Speak

• Publishers Spotlight: Cranium

• Russia tells citizens to switch off home surveillance because the Ukrainians are coming

• Arden Claims Service Reports Data Breach, 139,000 Affected

• Patch Tuesday not Done ’til LINUX Won’t Run?

• How Pen Testing is Evolving and Where it’s Headed Next

• Flight Aware User Data Leaked Following Misconfiguration

• Chemical Giant Orion Loses $60 Million in Email Scam

• Encryption in transit over external networks: AWS guidance for NYDFS and beyond

• Over 5,000,000 Site Owners Affected by Critical Privilege Escalation Vulnerability Patched in LiteSpeed Cache Plugin

• Anthropic Sued For Copyright Infringement By Authors

• Man certifies his own (fake) death after hacking into registry system using stolen identity

• Don’t panic! It’s only 60 Linux CVE security bulletins a week

• How to Use LastPass: Complete Guide for Beginners

• Why the UN Convention Against Cybercrime Requires a Second Look

• Story of an Undercover CIA Agent who Penetrated Al Qaeda

• Rethinking Cyber-Physical Systems Security in the Age of Industry 4.0

• T-Mobile Customers Alarmed by Unfamiliar Support Links, But They Are Legitimate

• Bangladeshi SIM Box Fraud Uncovered in Major Odisha Operation

• Critical Jenkins RCE Vulnerability: A New Target for Ransomware Attacks

• Entrust KeyControl as a Service provides organizations with control of their cryptographic keys

• HITRUST unveils AI Risk Management Assessment solution

• Oregon Zoo Warns Over 100,000 Customers of Payment Card Compromise

• Australia Calls Off Clearview AI Investigation Despite Lack of Compliance

• Embed API Security into Regulatory Compliance: Six Examples to Watch

• Introducing Automatic URL Categorization: Enhanced Security and Efficiency

• The AI Revolution: Transforming Technology and Reshaping Cybersecurity

• Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin

• PostgreSQL databases under attack

• National Public Data leaked passwords online

• McAfee unleashes AI deepfake audio detector – but how reliable can it be?

• TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset

• Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue

• Survey Surfaces Growing SaaS Application Security Concerns

• CISA to Get New Headquarters as $524M Contract Awarded

• 1-15 May 2024 Cyber Attacks Timeline

• Researcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021)

• Four Essential Tips for Building a Robust REST API in Java

• Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC Published

• TLS Bootstrap Attack on Azure Kubernetes Services can Leak Sensitive Credentials

• Google Cloud Unveils New Security Services and Capabilities

• Tesla To Receive Lower EU Tariff For Chinese-Made EVs

• ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk

• CISA Adds One Known Exploited Vulnerability to Catalog

• RightCrowd introduces Mobile Credential Management feature

• New macOS Malware TodoSwift Linked to North Korean Hacking Groups

• Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details

• It’s Time To Untangle the SaaS Ball of Yarn

• Microchip Technology apparently impacted by ransomware attack

• The Rise of Kerberoasting: A New Cyber Threat on the Horizon

• Exploits and vulnerabilities in Q2 2024

• New Msupedge Backdoor Targeting Taiwan Employs Stealthy Communications

• Healthcare Hit by a Fifth of Ransomware Incidents

• Sky Signs Full Fibre Broadband Partnership With CityFibre

• Toyota confirms customer and employee data stolen, says breach at third party to blame

• The 6 Best Malware Removal Software Providers for 2024

• RCE Vulnerability in Atlassian Bamboo Data Center and Server

• Mastering Data Visibility for Secure AI Adoption with Cyera

• MoonPeak malware from North Korean actors unveils new details on attacker infrastructure

• Autoencoder Is All You Need: Profiling and Detecting Malicious DNS Traffic

• Microchip Technology manufacturing facilities impacted by cyberattack

• Cybersecurity News: Toyota third-party breach, Hawaii registry hack, Iran disrupting campaigns

• Pro-Russia group Vermin targets Ukraine with a new malware family

• Spring Security Flaw Leaves Applications Open to Unauthorized Access

• Cyberattack Disrupts Microchip Technology Manufacturing Facilities

• Most Ransomware Attacks Now Happen at Night

• Tips to Help Leaders Improve Cyber Hygiene

• Understanding Managed Service Providers (MSPs): Choosing the Right Provider

• Rising Abuse of URL Rewriting in Phishing

• Unmasking Styx Stealer: How a Hacker’s Slip Led to an Intelligence Treasure Trove

• Microchip Technology Says IT Incident Impacted Operations

• Over 10,000 WordPress Sites at Risk: Critical File Deletion Flaw Found in InPost Plugins

• Deadbeat dad faked his own death by hacking government databases

• McAfee Deepfake Detector combats AI scams and misinformation

• How to Use BitDefender VPN on Any Device: 2024 Tutorial

• Transforming underserved communities and fostering sustainable growth through entrepreneurial endeavors

• A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning

• McAfee Unveils Tool to Identify Potential Deep Fakes

• CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait

• Ransomware hits record high amounts: Cyber Security Today for Tuesday, August 21, 2024

• US Intelligence Agencies Warn of Iranian Election Influence Efforts

• FlightAware Notifies Users of Data Security Incident

• Cyberattack Forces Microchip Technology to Scale Back Amid Global Chip Race

• Publishers Spotlight: Bedrock Security

• OpenCTI: Open-source cyber threat intelligence platform

• GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

• Experts Weigh In on the NPD Breach and Its Implications

• The Hidden Threat of Shadow AI

• Food security: Accelerating national protections around critical infrastructure

• Cybersecurity jobs available right now: August 21, 2024

• Why I Joined Balbix: Embracing the AI-Powered Future of Cybersecurity

• Average DDoS attack costs $6,000 per minute

• ISC Stormcast For Wednesday, August 21st, 2024 https://isc.sans.edu/podcastdetail/9106, (Wed, Aug 21st)

• Singapore updates OT security blueprint to focus on data sharing and cyber resilience

• Chipmaker Microchip reveals cyber attack whacked manufacturing capacity

• Mapping Threats with DNSTwist and the Internet Storm Center [Guest Diary], (Tue, Aug 20th)

• New Phishing Attacks Target Eastern European Bank Users on iOS and Android

• An AWS Configuration Issue Could Expose Thousands of Web Apps

• Black Hat USA 2024: Key Takeaways from the Premier Cybersecurity Event

• IT Security News Daily Summary 2024-08-20

• What is cloud detection and response (CDR)?

• Building a Semantic Web Search App Using Resource Description Framework and Flask for Cyber Resilience

• Czech Mobile Users Targeted in New Banking Credential Theft Scheme

• Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys

• Why you need to know about ransomware

• Can someone tell if I block their number?

• Darktrace Co-founder Mike Lynch Presumed Dead After Superyacht Sinks

• Black Hat 2024, Day 2: Charting the Future of Cybersecurity

• Cisco employees face a month of silence ahead of second layoff in 2024

• Ransomware payments rose from $449.1 million to $459.8 million

• U.S. agencies attribute Trump campaign hack to Iran

• Should small businesses worry about the NIS2 Directive in Europe?

• Previously unseen Msupedge backdoor targeted a university in Taiwan

• Africa’s Economies Feel Pain of Cybersecurity Deficit

• Major Backdoor in Millions of RFID Cards Allows Instant Cloning

• Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #304 – Fail Fast

• Agentless is a DAM Better Option for Securing Cloud Data

• To Improve Your Cybersecurity Posture, Focus on the Data

• AI-Enhanced Crypto Scams: A New Challenge for ASIC

• Lessons for Banks from the Recent CrowdStrike Outage

• Novel Phishing Method Used in Android/iOS Financial Fraud Campaigns

• Germany offers Cybersecurity Labels for mobile devices

• TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App

• How Data Encryption Can Simplify Infrastructure Architecture

• Strengthening Your Cyber Defenses: The Critical Role of Defensive Training

• Hackers Linked to $14M Holograph Crypto Heist Arrested in Italy

• Publishers Spotlight: ForAllSecure

• Plane tracker FlightAware admits user passwords, SSNs exposed for years

• New DNS-Based Backdoor Threat Discovered at Taiwanese University

• Edge Computing and 5G: Emerging Technology Shaping the Future of IT

• National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident

• How to Get a VPN on Any Device (+ Installation Tips)

• US government accuses Iran of Trump campaign hack; Iran scoffs

• Your Journey to Mastery with Black Belt Training: A Comprehensive Guide for Cisco Partners

• Russia-linked Vermin Hackers Target Ukraine With new Malware Strain

• UK: NCSC Opens Cyber Resilience Audit Scheme to Applicants

• Plane-tracking app admits user passwords, SSNs exposed for over 3 years

• Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover

• USENIX Security ’23 – Pspray: Timing Side-Channel Based Linux Kernel Heap Exploitation Technique

• INE Security Alert: The Steep Cost of Neglecting Cybersecurity Training

• New Report Reveals Rising Attacks on macOS Systems

• Here’s Why Ransomware Actors Have a Upper Hand Against Organisations

• Timeline of the Ransomware Attack on Change Healthcare: How It Unfolded

• Iranian Group TA453 Launches Phishing Attacks with BlackSmith

• Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerability, (Tue, Aug 20th)

• Cost of a data breach: The industrial sector

• Securing Catalyst Center: ISO Certified

• OpenAI Kills Iranian Accounts Spreading Us Election Disinformation

• Common API Security Issues: From Exposed Secrets To Unauthorized Access

• Fortanix protects individual file systems on specified hosts

• New phishing method targets Android and iPhone users

• New Styx Stealer Attacking Users to Steal Login Passwords

• “We will hold them accountable”: General Motors sued for selling customer driving data to third parties

• Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds

• Three-Quarters of Companies Retain An Increasing Amount of Sensitive Data, Report Finds

• Bitdefender vs Kaspersky: Comparing Top EDR Solutions in 2024

• Digital Wallets can Allow Purchases With Stolen Credit Cards

• Publishers Spotlight: Endari

• Your Company Culture Can Become A Powerful Cybersecurity Resource

• Hackers Could Exploit Microsoft Teams on macOS to Steal Data

• MegaMedusa, Highly Scalable Web DDoS Attack Tool Used By Hacker Groups

• Backdoor MIFARE Smart Cards Exposes User-Defined Keys On Cards

• Digital Wallets Bypassed To Allow Purchase With Stolen Cards

• x64dbg: Open-Source Binary Debugger for Windows

• All-in-One: How Cynet is Revolutionizing Cybersecurity for MSPs

• Survey Surfaces Widespread Mishandling of Sensitive Data

• 0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)

• Approach to mainframe penetration testing on z/OS

• Chrome Will Redact Credit Cards, Passwords When You Share Android Screen

• Xeon Sender Enables Large-Scale SMS Spam Attacks Using Legitimate SaaS Providers

• Fabric Cryptography Raises $33 Million for VPU Chip

• RansomHub Deploys EDRKillShifter Malware to Disable Endpoint Detection Using BYOVD Attacks

• Hacking Wireless Bicycle Shifters

• How Exceptional CISOs Are Igniting the Security Fire in Their Development Team

• Multi-Domain vs Wildcard SSL Certificates: Differences & Uses

• Overturning of Chevron Deference’s Impact on Cybersecurity Regulation

• Vermin Cyber-Attacks Target Ukraine, Exploiting Kursk Battle

• Comprehensive Threat Protection Strategies for Microsoft 365 Environments

• 2GB variant of Raspberry Pi Launched for Just $50

• Authentik: Open-Source Identity Provider

• Multiple Microsoft Apps for macOS Vulnerable to Library Injection Attacks

• Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera

• Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware

• Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

• Anatomy of an Attack

• Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor

• Iran Behind Trump Campaign Hack, US Government Confirms

• The Metaverse Won’t Die: Embracing the Future of Work and Connection

• Artificial intelligence, real anxiety: Why we can’t stop worrying and love AI

• Update: Ransomware Attack on Indian Payment System Traced Back to Jenkins Bug

• GuidePoint Security releases Phishing as a Service

• I Said I Was Technically a CISO, Not a Technical CISO

• Palo Alto Networks Forecasts Strong Security Demand

• South Korean AI Chip Makers Sapeon, Rebellions To Merge

• Update: US Agencies Attribute Presidential Campaign Cyberattacks to Iran

• Ubuntu Addresses Multiple OpenJDK 8 Vulnerabilities

• Cybersecurity News: National Public Data breach update, Flaws in macOS apps, FlightTracker configuration issue

• UK Businesses Face New Cyber-Attacks Every 44 Seconds in Q2 2024

• Securing Infrastructure as Code: Best Practices for State Management

• Vulnerability Recap 8/20/24 – Microsoft Has the Spotlight This Week

• Oracle NetSuite misconfiguration could lead to data exposure

• Microsoft Mandates MFA for all Azure Sign-Ins

• CISA Adds Jenkins CLI Bug to its Known Exploited Vulnerabilities Catalog

• Jewish Home Lifecare Notifies 100,000 Victims of Ransomware Breach

• Former Congressman Santos Admits Identity Theft and Fraud

• Mike Lynch Co-Defendant Dies In Car Accident

• 2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

• Cybercriminals Exploit Paris Olympics With Fake Domains

• Ukrainian Bank’s Service for Military Donations Targeted by ‘Massive’ DDoS Attack

• Google Pixel Devices Found Vulnerable Due To Pre-Installed App

• Google Pledges To Strengthen Privacy With Gemini AI

• Shanghai Doubles Size Of Chip Investment Fund

• AMD To Buy Server Maker ZT Systems Amidst AI Battle

• Unauthenticated RCE in WordPress Plugin Exposes 100,000 WordPress Sites

• Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

• 10 Strategies for Safely Migrating a Data Center on a Limited Budget

• NEWS ANALYSIS Q&A: The early going of Generative AI and LLMs impacting cybersecurity

• X Closes Brazil Office Due To ‘Censorship’

• Autodesk AutoCAD Vulnerability Let Attackers Execute Arbitrary Code

• Iran named as source of Trump campaign phish, leaks

• Google to launch threat detection AI powered feature to all Android phones

• 5 Emerging Malware Variants You Must Be Aware Of

• CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks

• Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information

• Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America

• Ransom Denied: Cyber Insurance Claims Shrink as Businesses Opt for DIY Recovery

• Why a Savvy Security Strategy is Essential | Grip

• Ransomware’s Record Year: 2024 Earnings Soar Amid Overall Cybercrime Dip

• Organizations turn to biometrics to counter deepfakes

• AI for application security: Balancing automation with human oversight

• Strategies for security leaders: Building a positive cybersecurity culture

• Cybercriminals exploit file sharing services to advance phishing attacks

• ISC Stormcast For Tuesday, August 20th, 2024 https://isc.sans.edu/podcastdetail/9104, (Tue, Aug 20th)

• Digital wallets can allow purchases with stolen credit cards

• US Intelligence Officials Say Iran is to Blame for Hacks Targeting Trump, Biden-Harris Campaigns

• Identity Protection That Spans the Entire Attack Lifecycle

• USENIX Security ’23 – Side-Channel Attacks on Optane Persistent Memory

• What You Missed About the CrowdStrike Outage:: The Next Strike Might Be Linux Due to eBPF

• Crypto enthusiasts flood npm with more than 281,000 bogus packages overnight

• Joint ODNI, FBI, and CISA Statement on Iranian Election Influence Efforts

• IT Security News Daily Summary 2024-08-19

• SOCI Act 2024: Thales Report Reveals Critical Infrastructure Breaches in Australia

• Guide to data detection and response (DDR)

• The Windows BitLocker recovery bug is fixed, according to Microsoft

• Announcing new EDR capabilities for Webroot Endpoint Protection

• CISA adds Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog

• OpenAI kills Iranian accounts using ChatGPT to write US election disinfo

• test

• Your Android phone is getting an anti-theft upgrade, thanks to AI. How it works

• Too many cloud security tools? Time for consolidation

• MSPs: The Cisco Meraki Approach to Addressing MDU Deployments

• Court to California: Try a Privacy Law, Not Online Censorship

• NO FAKES – A Dream for Lawyers, a Nightmare for Everyone Else

• Multiple flaws in Microsoft macOS apps unpatched despite potential risks

• Extortion Group Exploits Cloud Misconfigurations, Targets 110,000 Domains

• Mike Lynch, Five Others Missing After Yacht Sinks Off Sicily

• SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices

• Social Security number data breach: What you need to know

• Researchers uncovered new infrastructure linked to the cybercrime group FIN7

• Daniel Stori’s ‘The War For Port 80’

• Here’s What Businesses Can Learn From a $2 Million Ransomware Attack SEC Settlement

• Zero-Trust Security: The Critical Role of Trust And Human Integrity

• Stolen, locked payment cards can be used with digital wallet apps

• Making sense of secrets management on Amazon EKS for regulated institutions

• CISA Warns Of Active Exploitation Of SolarWinds Web Help Desk Vulnerability

• FlightAware warns that some customers’ info has been ‘exposed,’ including Social Security numbers

• Vulnerability Summary for the Week of August 12, 2024

• How We Transformed Akamai from a CDN to a Cloud and Security Company

• AWS cyber attack exposes over 230 million unique cloud environments

• CrowdStrike outage lessons learned: Questions to ask vendors

• National Public Data Published Its Own Passwords

• Windows Zero-Day Attack Linked to North Korea’s Lazarus APT

• FBI and CISA Assure Public on Election Ransomware Security

• $4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin

• Data Security Solution for US Federal Customers

• Hacked GPS tracker reveals location data of customers

• Dodging the Cyber Bullet: Early Signs of a Ransomware Attack

• Cyber Stressed! Top 3 MSP Cybersecurity Challenges [And How to Fix Them]

• Heimdal and ViroSafe Partner to Strengthen Nordic Cybersecurity

• Mandatory MFA is Coming to Microsoft Azure

• USENIX Security ’23 – Cipherfix: Mitigating Ciphertext Side-Channel Attacks in Software

• The Rise of Manual Techniques in Ransomware Attacks: A Growing Threat

• New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks

• “WireServing” Up Credentials: Escalating Privileges in Azure Kubernetes Services

• AI SPERA and Hackers Central Partner to Expand Mexico’s Security Market with ‘Criminal IP ASM’

• If your SSN was leaked online, you should freeze your credit: Here’s how to do that

• Cyber insurance claims fall as businesses refuse ransom payments and recover themselves

• National Public Data Says Breach Impacts 1.3 Million People

• Massive Data Breach Exposes Social Security Numbers of 2.9 Billion People

• Major Data Breach at FlightAware Exposes Pilots and Users’ Information

• Own proactively detects and stores data changes in Salesforce

• Appian helps organizations prepare for current and forthcoming AI regulations

• Microsoft Apps for macOS Exposed to Library Injection Attacks

• Announcing AWS KMS Elliptic Curve Diffie-Hellman (ECDH) support

• Lazarus Hacker Group Exploited Microsoft Windows Zero-day

• Getting to Know Katrin Bauer

• Azure Domains and Google Abused to Spread Disinformation and Malware

• EFF and Partners to EU Commissioner: Prioritize User Rights, Avoid Politicized Enforcement of DSA Rules

• National Public Data tells officials ‘only’ 1.3M people affected by intrusion

• Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware

• New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia

• API Security: The Cornerstone of AI and LLM Protection

• Internal And External Threat Intelligence

• Crypto Firm Says Hacker Locked All Employees Out of Google Products for Four Days

• Mad Liberator Gang Uses Fake Windows Update Screen to Hide Data Theft

• Oregon Zoo Ticketing Service Hack Impacts 118,000

• How to Automate the Hardest Parts of Employee Offboarding

• Microsoft Users Rush To Patch Zero-Click TCP/IP RCE Flaw

• Ransomware Resilience Drives Down Cyber Insurance Claims

• Linux Kernal Vulnerability Let Attackers Bypass CPU & Gain Read/Write Access

• Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

• The Essential Guide to Evaluating Competitive Identity Verification Solutions

• Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

• How can you check if your SSN was leaked on the dark web after the NPD breach?

• OpenAI Deactivates Accounts Used By Iran Election Influence Group

• Court Narrows Injunction On California Social Media Law

• Millennials’ sense of privacy uniquely tested in romantic relationships

• Supply Chain Security Policy

• CyberGhost vs ExpressVPN (2024): Which VPN Is Better?

• The Pentagon Is Planning a Drone ‘Hellscape’ to Defend Taiwan

• Experts warn of exploit attempt for Ivanti vTM bug

• BlindEagle flying high in Latin America

• Industry Moves for the week of August 19, 2024 – SecurityWeek

• 100,000 Impacted by Jewish Home Lifecare Data Breach

• Combining Continuous Pentesting with Attack Surface Management

• How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

• Tracki – 372,557 breached accounts

• Thousands of Oracle NetSuite E-Commerce Sites Expose Sensitive Customer Data

• Update: Windows Zero-Day Flaw was Exploited by North Korea-linked Lazarus APT

• Cybersecurity News: Entra forces MFA, another AnyDesk heist, Google Pixel vulnerability

• TikTok Says US Data Not Linked To China

• Texas Instruments Receives $1.6bn In US Gov’t Chip Funding

• Duke of Sussex Speaks Against Online Misinformation

• Shares In EV Maker Ola Spike After Motorcycle Launch

• Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT

• Rewriting Hysteria: Rising Abuse of URL Rewriting in Phishing

• Mandatory MFA for Azure sign-ins is coming

• NCSC Opens Cyber Resilience Audit Scheme to Applicants

• Enhancing Internal Controls: Correlation, Mapping, and Risk Mitigation

• 10 Authentication Trends in 2024 and Beyond

• Fast Forward or Freefall? Navigating the Rise of AI in Cybersecurity

• Group-IB partners with SecurityHQ to enhance SOC capabilities

• AMD Patched The Newly Disclosed SinkClose CPU Vulnerability

• ProtonVPN Opens Up Browser Extension Feature To Free Users

• A week in security (August 12 – August 18)

• Unicoin Staff Locked Out of G-Suite in Mystery Attack

• OpenAI takes action against Iranian disinformation campaigns using ChatGPT: Cyber Security Today for Monday, August 19th, 2024

• Epic Games’s Fortnite Returns To Smartphones After Four Years

• Explore Talent (August 2024) – 8,929,384 breached accounts

• The Inefficiency of People-Search Removal Tools, Massive Data Breach Impacting U.S. Citizens

• Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

• Do you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python, (Mon, Aug 19th)

• National Public Data Leaks Social Security Numbers of about 2.7 billion populaces

• Top Paying Countries for Cybersecurity Experts

• Researchers Found a New Technique to Defend Cache Side Channel Attacks

• Ransomware Gangs Introduce New EDR-Killing Tool

• National Public Data Admits to Breach Leaking Millions of Social Security Numbers

• Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group

• BeaverTail Malware Attacking Windows Users Via Weaponized Games

• Was your Social Security number leaked to the dark web? Use this tool to find out

• Protecting academic assets: How higher education can enhance cybersecurity

• x64dbg: Open-source binary debugger for Windows

• To improve your cybersecurity posture, focus on the data

• Common API security issues: From exposed secrets to unauthorized access

• ISC Stormcast For Monday, August 19th, 2024 https://isc.sans.edu/podcastdetail/9102, (Mon, Aug 19th)

• Was your SSN leaked to the dark web? Use this tool to find out

• RansomHub-linked EDR-killing malware spotted in the wild

• The Mad Liberator ransomware group uses social-engineering techniques

• IT Security News Weekly Summary – Week 33

• IT Security News Daily Summary 2024-08-18

• USENIX Security ’23 – NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems

• How to freeze your credit – and how it can help protect you after data breaches

• From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs

• The Rise of Malvertising: How Scammers Target Google Products with Malicious Search Ads

• Russian Disinformation Network Struggles to Survive Crackdown

• Pro-Palestine Outfit Takes Responsibility for Hacking Donald Trump-Elon Musk Interview

• Ransomware Attack on the Washington Times Leads to a Dark Web Data Auction

• Navigating AI and GenAI: Balancing Opportunities, Risks, and Organizational Readiness

• National Public Data Breach Exposes Millions: Threat of Identity Theft Looms

• CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass – A Deep Dive

• Getting Wins for Security Leaders: Strategies and Considerations for Success

• Security Affairs newsletter Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION

• SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7

• Large-scale extortion campaign targets publicly accessible environment variable files (.env)

• Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions

Generated on 2024-08-25 23:58:22.306865