IT Security News Daily Summary 2024-08-13

LDLC – 1,266,026 breached accounts
Cloud infrastructure entitlement management in AWS
Back to school: Managing your high schooler’s digital milestones
Six ransomware gangs behind over 50% of 2024 attacks
FBI Disrupts Operations of the Dispossessor Ransomware Group
Microsoft fixes 6 zero-days under active attack
Microsoft August 2024 Patch Tuesday, (Tue, Aug 13th)
16 Women in Cybersecurity Who Are Reshaping the Industry (2024)
What the Delta-Crowdstrike lawsuit may mean for IT contracts
Microsoft Warns of Six Windows Zero-Days Being Actively Exploited
Gartner® Insights: Navigating the Evolving API Protection Market and Taking Action
Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed
Law enforcement disrupts Radar/Dispossessor ransomware group
A PoC exploit code is available for critical Ivanti vTM bug
National Public Data (unverified) – 133,957,569 breached accounts
Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge
Ewon Cosy+ Industrial Devices Vulnerable to Serious Security Exploits
StickmanCyber Report: A Look Inside Australia’s Cybersecurity Skills Crisis
Rockwell Automation ControlLogix, GuardLogix 5580, CompactLogix, Compact GuardLogix 5380
Rockwell Automation FactoryTalk View Site Edition
Rockwell Automation GuardLogix/ControlLogix 5580 Controller
CISA Adds Six Known Exploited Vulnerabilities to Catalog
US accuses man of being ‘elite’ ransomware pioneer they’ve hunted for years
Adobe Calls Attention to Massive Batch of Code Execution Flaws
WTH? DPRK WFH Ransomware Redux: 3rd Person Charged
SIEM vs. SOAR vs. XDR: Evaluate the key differences
The UN General Assembly and the Fight Against the Cybercrime Treaty
Check Point Research Warns Every Day is a School Day for Cyber Criminals with the Education Sector as the Top Target in 2024
US appeals court rules geofence warrants are unconstitutional
Biden-Harris Campaign, Trump Operative Stone Also Target of Hackers
Rhysida Ransomware Takes Responsibility for Bayhealth Hospital Breach
Malwarebytes awarded Parent Tested Parent Approved Seal of Approval
Digital Apartheid in Gaza: Big Tech Must Reveal Their Roles in Tech Used in Human Rights Abuses
Australian gold producer targeted by ransomware gang
What Does It Take to Manage an On-Premise vs Cloud Data Security Product?
Rockwell Automation AADvance Standalone OPC-DA Server
Rockwell Automation ControlLogix, GuardLogix 5580, CompactLogix, and Compact GuardLogix 5380
Rockwell Automation Micro850/870
Rockwell Automation Pavilion8
AVEVA SuiteLink Server
Lead with simplicity: A guide for strengthening security in logistics
US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising
Gold Mining Firm in Australia Reports Ransomware Breach
EDR Importance: Why Is EDR Important? (With Use Cases)
Feds bust minor league Radar/Dispossessor ransomware gang
Sleeping With the Phishes
USENIX Security ’23 – Formal Analysis of SPDM: Security Protocol and Data Model Version 1.2
NIST Formalizes World’s First Post-Quantum Cryptography Standards
Hacktivism’s Role in Political Conflict: The Renewed Campaign of #OpVenezuela
Check Point Research Warns Every Day is a School Day for Cybercriminals with the Education Sector as the Top Target in 2024
New Post Quantum Cryptography Standards Poised to Revolutionize Cybersecurity
Massive Data Breach in Columbus Over 3TB Files Leaked by Rhysida Ransomware Group
East Valley Institute of Technology Data Breach Exposes Over 200,000 Records
Cost of a data breach 2024: Financial industry
National Public Data Breach: 2.7bn Records Leaked on Dark Web
Guardio Critical Security Alerts monitors and analyzes scam activities
Suspected head of Reveton, Ransom Cartel RaaS groups arrested
Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service
GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
The great location leak: Privacy risks in dating apps
Reframing the ZTNA vs. SASE Debate
Cequence Storms Black Hat with API Security Testing for Generative AI Applications
Cato Network Reports Spike in Attempts to Exploit Log4j Vulnerabilities
Scammers dupe chemical company into wiring $60 million
Phishing Campaign Compromises 100+ Ukrainian Government Computers
Twitter’s AI Ambitions Face GDPR Backlash: Nine New Complaints Filed
Preparation Is Not Optional: 10 Incident Response Readiness Considerations for Any Organization
Stellar strengthens security for remote teams
Prolific Belarusian Cybercriminal Arrested in Spain
Help Desks Under Siege: Bolstering Cyber Defenses
CryptoScam Strikes Misusing Trump & Musk Interview
McAfee vs Kaspersky (2024): Which Solution Is Best for Your Team?
Urgent Call for EPA Cyber Strategy to Safeguard Water Infrastructure
A refresher on Talos’ open-source tools and the importance of the open-source community
Hackers Leak 1.4 Billion Tencent User Accounts Online
APT trends report Q2 2024
Misconfigurations and IAM Weaknesses Top Cloud Security Concerns
Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation
Italy Demands Cybersecurity Safeguards from Dongfeng for New Auto Plant Investment
What Happens When Your House Burns Down Right Before a Meeting?
How to Prepare for SOC 2 and ISO 27001 Audit? Tips for Jira Admins
Why Hardsec Matters: From Protecting Critical Services to Enhancing Resilience
Data theft forum admins busted after flashing their cash in a life of luxury
On the Voynich Manuscript
New Dark Skippy Attack Let Hackers Steal Secret Keys From Signing Devices
Orion SA says scammers conned company out of $60 million
Three Reasons to Take a New Cyber-Resilient Approach to Data Protection
Australian gold mining company hit with ransomware
Fake X Content Warnings on Ukraine War, Earthquakes Used as Clickbait
Scout Suite: Open-Source Cloud Security Auditing Tool
Who uses LLM prompt injection attacks IRL? Mostly unscrupulous job seekers, jokesters and trolls
Ransomware Hits Australian Gold Mining Firm Evolution Mining
ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts
Volocopter Tests eVTOL ‘Air Taxi’ At Versailles
Polish Billionaire, Wife To Sue Meta Over Misinformation
Privacy Group Files GDPR Complaints Over X AI Data Plans
Trump Returns To X For Live Interview
FBI Investigates After Trump Campaign Hacked By Iranians
Kicking cyber security down the road can come back to bite you
Britain and France to Discuss Misuse of Commercial Cyber Intrusion Tools
The Crucial Role of Firewall Rule Histories
Why Are Fortune 500 Companies Swiping Right on 3-Person Startups?
Authorities Seized Dispossessor Ransomware Servers
Understanding Social Engineering Tactics: 8 Attacks to Watch Out For
What is the Critical Pathway to Insider Risk (CPIR)?
FBI Shuts Down Dispossessor Ransomware Group’s Servers Across U.S., U.K., and Germany
Cybersecurity News: U.S. “laptop farm” shut down, Ukranian computers compromised, Trump campaign hacked
CERT-UA warns of a phishing campaign targeting government entities
NIS2: A Catalyst for Cybersecurity Innovation or Just Another Box-Ticking Exercise?
South Korea Warns Pyongyang Has Stolen Spy Plane Details
DeathGrip Ransomware Expanding Services Using RaaS Service
Unmasking the Overlap Between Golddigger and Gigabud Android Malware
Radar/Dispossessor Ransomware Operation Disrupted by Authorities
Black Hat Fireside Chat: Here’s how ‘Active ASPM’ is helping to triage and remediate coding flaws
International investigation shuts down Radar/Dispossessor ransomware group
FBI Leads Effort to Dismantle Radar/Dispossessor Ransomware
In search of the foolproof AI watermark
US DoJ dismantled remote IT worker fraud schemes run by North Korea
Government says to add cybersecurity to your back-to-school list
Understanding Defense in Depth in IT Security
PostgreSQL Vulnerability Allows Hackers To Execute Arbitrary SQL Functions
This new fully encrypted messenger app is serious about privacy
PostgreSQL Vulnerability Hackers Execute Arbitrary SQL Functions
Email Security Risk Remains Alarmingly High
Publishers Spotlight: DigitalXForce
‘Digital arrest’ scams are big in India and may be spreading
Ukraine Warns of New Phishing Campaign Targeting Government Computers
Donald Trump interview with Elon Musk disrupted by DDoS Cyber Attack
Browser backdoors: Securing the new frontline of shadow IT
Six Reasons Healthcare Organizations Need Robust Cybersecurity
How CIOs, CTOs, and CISOs view cyber risks differently
Key metrics for monitoring and improving ZTNA implementations
AMD won’t patch Sinkclose security bug on older Zen CPUs
35% of exposed API keys still active, posing major security risks
ISC Stormcast For Tuesday, August 13th, 2024 https://isc.sans.edu/podcastdetail/9094, (Tue, Aug 13th)
FBI Says It Is Investigating After Trump Campaign Said Sensitive Documents Were Hacked by Iran
Risk & Repeat: Recapping Black Hat USA 2024
Ransomware Attack Fetched A Record $75 Million
IT Security News Daily Summary 2024-08-12
SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology
How to conduct a mobile app security audit
FBI takes down ransomware gang that hacked dozens of companies
Harnessing LLMs for Automating BOLA Detection
The biggest data breaches in 2024: 1 billion stolen records and rising
Federal Appeals Court Finds Geofence Warrants Are “Categorically” Unconstitutional
USENIX Security ’23 – Automated Security Analysis of Exposure Notification Systems
Disposing of an old Windows laptop? Here’s the safest way to erase your personal data (for free!)
Attacker steals personal data of 200K+ people with links to Arizona tech school
DOJ Shuts Down Another North Korean ‘Laptop Farm’
A FreeBSD flaw could allow remote code execution, patch it now!
The UK Erupts in Riots as Big Tech Stays Silent
Apple’s ToolSandbox reveals stark reality: Open-source AI still lags behind proprietary models
Black Hat and DEF CON Roundup 2024: CrowdStrike Accepts ‘Epic Fail’ Award
Flashpoint CEO: Cyber, physical security threats converging
Justice Department Disrupts North Korean ‘Laptop Farm’ Operation
AppViewX Automated Certificate Management for PingAccess
News alert: Criminal IP and Maltego team up to broaden threat intelligence data search
India’s Largest Crypto Theft: INR 2,000 Crore Stolen from WazirX Exchange Wallet
Vulnerability Summary for the Week of August 5, 2024
AI girlfriends want to know all about you. So might ChatGPT (Lock and Code S05E17)
Attacker steals personal data of 200k+ people with links to Arizona tech school
Ransomware gangs doxing family members of victims
Several Vulnerabilities Found in Google’s Quick Share Data Transfer Utility
Data Fusion: Enhancing Interoperability, Privacy, and Security
Secureworks Fills Australian Mid-Market Demand for Simplified Cyber Security Solutions
18-Year-Old Vulnerability in Firefox and Chrome Actively Exploited in Cyber Attacks
Researchers Demonstrate How Attackers Can Exploit Microsoft Copilot
Vulnerability in Windows Driver Leads to System Crashes
5,000 WordPress Sites Affected by Unauthenticated Remote Code Execution Vulnerability in JS Help Desk WordPress Plugin
Telegram Bot Selling Phishing Tools to Bypass 2FA & Hack Microsoft 365 Accounts
Google Manifest V3 and Malwarebytes Browser Guard
Harnessing the Power of AI to Improve Operations
HYAS Investigates Threat Actors Hidden In Gaming Services
High-Risk Cloud Exposures Surge Due to Rapid Service Growth
Taking Steps to Prepare for Quantum Advantage
The Need for Application Security Testing
Mega money, unfathomable violence pervade thriving underground doxxing scene
The Value in Root Cause Analysis for Vulnerability Management
Trump Campaign Hack Points to Growing U.S. Election Threats
Russia Blocks Signal App Citing Violation Of Laws
Criminal IP and Maltego Collaborate to Broaden Threat Intelligence Data Search
Dashlane vs Lastpass: 2024 Password Manager Comparison
Malware-as-a-Service and Ransomware-as-a-Service Lower Barriers for Cybercriminals
DARPA Awards $14m to Seven Teams in AI Cyber Challenge
Australian Gold Mining Company Reports Ransomware Attack
Critical AWS Services Vulnerability Let Attackers Execute Remote Code
Imperva Security Efficacy and Operational Efficiency Leads the Industry in SecureIQLab’s Cloud WAAP Comparative Report
UN Cybercrime Treaty Passes in Unanimous Vote
200k Impacted by East Valley Institute of Technology Data Breach
Chrome, Edge users beset by malicious extensions that can’t be easily removed
Google Patches Critical Vulnerabilities in Quick Share After Researchers’ Warning
Hackers Exploiting WinRAR Flaw To Attacks Windows & Linux(ESXi) Machines
Check Point and Cybrary: Empowering Customers with Cutting-Edge Cyber Security Training
Digital Pioneers: Why Today’s Youth is the Best Generation to Support Cyber Security of the Future
Common Business-Related Phishing Scams Include Fake HR and IT Subject Lines
Shorter TLS Certificate Lifespans Expected to Complicate Management Efforts
Critical 1Password Flaws May Allow Hackers to Snatch Users’ Passwords
Survey: Cybersecurity Teams Investing in Automation to Reduce Noise Levels
How Phishing Attacks Adapt Quickly to Capitalize on Current Events
UN Adopts Controversial Cybercrime Treaty
Shedding Light on The Dark Web: Enhancing Cybersecurity Through Proactive Monitoring
How to spot phishing in the age of AI
What skills can cyber security experts develop to adapt to AI and quantum computing?
Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users
Researcher Saves Six Companies from Ransomware by Exploiting Security Flaws in Ransomware Gangs’ Infrastructure
The Missing Piece of SASE — Prisma Access Browser — Now Available
CrowdStrike Pursuing Deal to Buy Patch Management Specialist Action1
Indirect prompt injection in the real world: how people manipulate neural networks
SaaS Apps Present an Abbreviated Kill Chain for Attackers
Microsoft Found OpenVPN Bugs That can be Chained to Achieve RCE and LPE
Bipartisan Bill to Tighten Vulnerability Disclosure Rules for Federal Contractors
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
The AI Hangover is Here – The End of the Beginning
Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems
Worried about the Windows BitLocker recovery bug? 6 things you need to know
The best hacks and security research from Black Hat and Def Con 2024
Earth Baku’s Latest Campaign Expands its Reach to Europe, the Middle East, and Africa
Russia Microsoft Hack Accessed Home Office Data
Ransomware Group BlackSuit Upgrades Capabilities
Starliner Astronauts May Use SpaceX For Return Trip
Cisco ‘Planning Second Round’ Of Major Job Cuts
Policing the Metaverse
NCSC to Build Nation-Scale Evidence Base for Cyber Deception
Multi-Factor Authentication Policy
How Organizations Can Prevent Their Employees Falling for Cyber Scams
Norton Secure VPN vs NordVPN (2024): Which VPN Is the Best?
Taxonomy of Generative AI Misuse
SSHamble: Open-Source Security Testing of SSH Services
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
How Network Segmentation can Strengthen Visibility in OT Networks
Update: Exploit Released for Cisco SSM Bug Allowing Admin Password Changes
Industry Moves for the week of August 12, 2024 – SecurityWeek
The UN Is Moving to Fight Cybercrime but Privacy Groups Say Human Rights Will Be Violated
AI Integration, Budget Pressures Challenge CISOs
Cybersecurity News: Iran election interference, AMD SinkClose flaw, ADT break-in
Google’s Quick Share Vulnerabilities Let Attackers Execute Remote Code
Find Your Best Fit: Solving the Cybersecurity Framework Puzzle
Scams: Understanding vulnerabilities and protective strategies
EastWind campaign targets Russian organizations with sophisticated backdoors
Nearly 200 Firms Have Signed Pledge to Build More Secure Software, Top Cyber Official Says
Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site
Resecurity unveils new AI-driven Fraud Prevention Platform
Microsoft Reveals Iranian US Election Interference Ops
Analysis of Data Exfiltration Tools Used by Threat Actors
Evolve your cloud security knowledge
Man in Dock Accused of Breaking Hi-Tech Export Controls
Vulnerabilities in Solar Power Management Platform can Lead to Blackouts
AI and the Legal Framework: A Critical Turning Point
A week in security (August 5 – August 11)
Empowering youth worldwide toward a more sustainable and digitally resilient future
Botnet 7777: Are You Betting on a Compromised Router?
Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks
Leeds Man Jailed For Inciting Violence On Facebook
Emerging Exfiltration Tools Highlight Growing Threats to Enterprise Data
New Malware Strains Pop Up in Threat Landscape
Fake WinRar Websites Distributing Malware Payloads Hosted on GitHub
New Widespread Extension Trojan Malware Campaign
Experts Find Sinkclose Bug in Millions of AMD Processors, Hard to Patch
Authorities Arrested Two Admins of WWH-Club Stolen Credit Card Marketplace
Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE
The Importance of APIs/API Security in Financial Services
Over 15,000 hard coded secrets found by researcher at Defcon: Cyber Security Today for Monday, August 12, 2024
Trump campaign cites Iran election phish claim as evidence leaked docs were stolen
Microsoft issues alert against email phishing attack to influence US 2024 Elections
The Importance of Zero Touch in Cloud Security
74% of ransomware victims were attacked multiple times in a year
Scout Suite: Open-source cloud security auditing tool
EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files
Misconfigurations and IAM weaknesses top cloud security concerns
Steps to improve quality engineering and system robustness
The UN unanimously agrees that cybercrime is bad, mkay?
ISC Stormcast For Monday, August 12th, 2024 https://isc.sans.edu/podcastdetail/9092, (Mon, Aug 12th)
Threat Actors’ Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts
Video: Same Origin, CORS, DNS Rebinding and Localhost, (Mon, Aug 12th)